在 Spring Boot 邮件 API 中启用 CORS

Question

我有简单的邮件发送 springboot API 和 reactjs 应用程序来获取。 托管在 nginx 服务器中。 React 应用程序在本地主机上运行良好，电子邮件可以正常工作，但如果我在服务器上运行，则会出现错误。

我尝试添加不同的 Nginx 服务器设置并添加 Springboot @CrossOrigin(origins = "http://xx.xxx.xxx.xxx/") 但到目前为止还没有找到任何帮助。 如果我部署到服务器，我必须在哪里允许 CORS？

Nginx 服务器默认：

server {
   listen 80 default_server;
   root /var/www/name/build;
   server_name xx.xxx.xxx.xxx;
   index index.html index.htm;
   location /  {
    }
}

Springboot：

@PostMapping
public void sendFeedback(@RequestBody Feedback feedback,
                         BindingResult bindingResult){
    if(bindingResult.hasErrors()){
        throw new ValidationException("Feedback is not valid");
    }

    // Create a mail sender
    JavaMailSenderImpl mailSender = new JavaMailSenderImpl();
    Properties props = mailSender.getJavaMailProperties();
    mailSender.setHost(this.emailCfg.getHost());
    mailSender.setPort(this.emailCfg.getPort());
    mailSender.setUsername(this.emailCfg.getUsername());
    mailSender.setPassword(this.emailCfg.getPassword());

    // Create an email instance
    SimpleMailMessage mailMessage = new SimpleMailMessage();
    mailMessage.setFrom(feedback.getEmail());
    mailMessage.setTo("test@gmail.com");
    mailMessage.setSubject("Testing mail");
    mailMessage.setText(feedback.getFeedback());
    mailSender.send(mailMessage);
}

我拥有的 Reactjs 代码：

fetch(url,{
    method: 'POST',
    headers:{
        'Content-Type': 'application/json'
    },
    body: JSON.stringify(state)
}).then(response =>{
    console.log(data)
}).catch(error =>{
    console.log(error)
})

输出：

Access to fetch at 'http://xx.xxx.xxx.xxx:8080/feedback-0.0.1-SNAPSHOT' from 
origin 'http://xx.xxx.xxx.xxx' has been blocked by CORS policy: 
Response to preflight request doesn't pass access control check: 
Redirect is not allowed for a preflight request.

Answer 1

添加如下 CORS 配置：

CORSConfig.java

@Configuration
public class CORSConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOrigins("*")
                .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD");
    }
}

或 标注你的控制器

@CrossOrigin
    @PostMapping
    public void sendFeedback(@RequestBody Feedback feedback,
            BindingResult bindingResult){
        if(bindingResult.hasErrors()){
            throw new ValidationException("Feedback is not valid");
        }

        // Create a mail sender
        JavaMailSenderImpl mailSender = new JavaMailSenderImpl();
        Properties props = mailSender.getJavaMailProperties();
        mailSender.setHost(this.emailCfg.getHost());
        mailSender.setPort(this.emailCfg.getPort());
        mailSender.setUsername(this.emailCfg.getUsername());
        mailSender.setPassword(this.emailCfg.getPassword());

        // Create an email instance
        SimpleMailMessage mailMessage = new SimpleMailMessage();
        mailMessage.setFrom(feedback.getEmail());
        mailMessage.setTo("test@gmail.com");
        mailMessage.setSubject("Testing mail");
        mailMessage.setText(feedback.getFeedback());
        mailSender.send(mailMessage);
    }

Answer 2

这是由于您的服务器没有以正确的标头响应造成的。如果您查看您的网络选项卡，您将看到 OPTIONS 请求在您的 POST 请求之前触发。您的服务器需要响应 OPTIONS 请求，让浏览器知道请求客户端可以访问资源。您可以阅读更多关于它的信息here at MDN，但至少您的服务器应该使用以下标题响应预检：

Access-Control-Allow-Origin: http://foo.example <== your domain here
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Headers: Content-Type

Answer 3

@CrossOrigin(origins="http://localhost:9000")
@GetMapping("/hello")
public Greeting greeting() {
    return "world";
}

或

@CrossOrigin(origins="http://localhost:9000", maxAge=3600)
@RestController
public class RestController {}