修复zuul跨域配置异常

序

本文主要介绍一下在zuul进行跨域配置的时候出现的异常。

异常

The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed

实例

Access-Control-Allow-Credentials:true
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Access-Control-Allow-Origin:http://localhost:3000
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Type:application/json;charset=UTF-8
Date:Thu, 11 Aug 2016 14:23:09 GMT
Expires:0
Pragma:no-cache
Transfer-Encoding:chunked
Vary:Origin
Vary:Origin
X-Application-Context:shipping-service:dev:8080
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

方案

多次请求的时候，会把这些header再带过来，然后请求zuul转发的接口又在写入一次，造成重复了，方案就是zuul转发的时候，过滤掉这些header，比如

zuul:
  sslHostnameValidationEnabled: false  
  routes:
    info:
      sensitiveHeaders: Access-Control-Allow-Origin,Access-Control-Allow-Methods
      path: /share/**
      url: http://192.168.99.100:9000/

doc

• Zuul Access-Control-* Headers are duplicated
• Zuul Proxy CORS header contains multiple values, headers repeated twice - Java Spring Boot CORS filter config