Solution to the problem of options forbidden 403 in spring cloud

Abstract: This paper briefly describes the problem of options requesting forbidden when bloggers need cross domain debugging in the development process, as well as the solutions.

403 Forbidden explains:

Forbidden You don't have permission to access / on this server. Additionally,a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

403 Forbidden is a status code in the HTTP protocol. You can simply understand that you do not have permission to access this site.

problem

In projects using spring cloud, local cross domain debugging found that the post request was converted to options request, and the server refused access. In fact, it was the problem of CORS request.

CORS requests are divided into two categories: simple requests and non simple requests. The main distinguishing points between the two are:

1: The request methods are head, get and post;

2: The HTTP header information is as follows: accept, accept language, content language, last event ID, and content type (the values are application / x-www-form-urlencoded, multipart / form data, and text / plain).

As long as the above two points are met, it is a simple request; Otherwise, it is not a simple request.

The processing method of simple requests is that the browser sends CORS requests directly. The processing method of non simple request is that the browser sends a pre check request, which means asking whether the current domain name of the server can access the normal server. If it can, send a normal request to the server; Otherwise, an error is reported.

The problem now is that it is found that the domain name is not in the white list of the server when the CORS request is pre checked, so it is necessary to modify the request return message of the server.

Solution

Add the following filter in the gateway and add the message header in each request return message to access normally

Reference article:

Cross domain resource sharing CORS details

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>