我是Sping Boot MVC应用程序开发的新手。我有一个新的应用程序,我通过Maven设置的,我试图在其中导入jquery和bootstrap。我通过Maven导入了这两个Jar文件。它们位于Java资源-〉库-〉Maven依赖项中。
我使用的是Spring框架5.3.22和Spring安全性5.7.3
当我运行我的站点时,我可以看到jquery和引导文件被添加到Network选项卡中,但我得到了以下错误:
“拒绝执行来自[网站URL]的脚本,因为其MIME类型('text/html')不可执行,并且启用了严格的MIME类型检查。”
还有
拒绝应用来自[网站URL]得样式,因为其MIME类型('text/html')不是受支持得样式表MIME类型,并且启用了严格得MIME检查.
在我的JSP页面上,我包括了如下文件:
<link href="webjars/bootstrap/5.2.0/css/bootstrap.min.css" rel="stylesheet" >
<script src="webjars/jquery/3.6.1/jquery.min.js" type="text/javascript"></script>
<script src="webjars/bootstrap/5.2.0/js/bootstrap.min.js" type="text/javascript"></script>
我的Servlet配置如下所示:
public class MySpringMvcDispatcherServeletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
// TODO Auto-generated method stub
return null;
}
@Override
protected Class<?>[] getServletConfigClasses() {
//return DemoAppConfig.java class
return new Class[] {DemoAppConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[] {"/"};
}
}
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig {
@Bean
public InMemoryUserDetailsManager userDetailsManager() {
System.out.println("======>> Add Details manager");
//add in memory users/roles
}
@Bean
public CorsConfigurationSource corsConfigurationSource(){
System.out.println("======>> Add CORS");
CorsConfiguration corsConfiguration = new CorsConfiguration();
// Below config will allow only following origines from web browser
corsConfiguration.setAllowedOrigins(Arrays.asList("http://localhost:8080/"));
// Whether user credentials are supported. By default, do not support
// If you want to allow credentials then set it true
corsConfiguration.setAllowCredentials(false);
// below will not allow DELETE methods, if you want then add DELETE also
corsConfiguration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "OPTION"));
// Below will set allowed headers list, Other headers will not be supported
corsConfiguration.setAllowedHeaders(Arrays.asList("accept", "authorization", "apikey", "tenantId"));
UrlBasedCorsConfigurationSource corsConfigurationSource = new UrlBasedCorsConfigurationSource();
// This will register above configurations on all resources from the root
// If you want different rules for different resources then create separate configuration
// and register on separate resource path uri
corsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
return corsConfigurationSource;
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
// Ignore resources for any check
System.out.println("======>> Add web Customizer");
return (web) -> web.ignoring().antMatchers("/webjars/**","/resources/**", "/static/**", "/css/**", "/js/**", "/img/**", "/icon/**");
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
System.out.println("======>> Add Security Chain");
return http
.authorizeRequests(configurer ->
configurer
.antMatchers("/webjars/**","/resources/**", "/static/**", "/css/**", "/js/**", "/img/**", "/icon/**").permitAll()
.anyRequest().authenticated())
.formLogin(configurer ->
configurer
.loginPage("/showMyLoginPage")
.loginProcessingUrl("/authenticateTheUser")
.permitAll())
.build();
}
}
1条答案
按热度按时间myss37ts1#
我可以通过重写addResrouceHandlers来实现这一点。在我的DemoAppConfig文件中,它实现了WebMvcConfigurer,我添加了以下代码:
然后,我可以将这些文件添加到我的视图中,如下所示: