展开全部给你个例子,controller需要支持跨域的方法:publicMapindex(ServletResponseres){HttpServletResponseresponse=(HttpServletResponse)res;response.addHeader("Access-Control-Allow-Origin","*");response.addHeader("Access-Control-Allow-Methods","POST,GET,PUT,DELETE,OPTIONS");response.addHeader("Access-Control-Allow-Credentials","true");response.addHeader("Access-Control-Allow-Headers","Content-Type,X-Requested-With,token");response.addHeader("Access-Control-Max-Age","");//TODO}这样就支持跨域了,但是这种方式不怎么安全,"Access-Control-Allow-Origin"后面的*代表支持所有域名。