From 36004d471ce31685fccf210f0334366445c90c4b Mon Sep 17 00:00:00 2001 From: guo <260206558@qq.com> Date: Wed, 8 Jan 2025 16:31:35 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E5=9C=A8SpringBoot=202.4=E5=8F=8A?= =?UTF-8?q?=E4=BB=A5=E4=B8=8A=E7=89=88=E6=9C=AC=E5=A4=84=E7=90=86=E8=B7=A8?= =?UTF-8?q?=E5=9F=9F=E6=97=B6=EF=BC=8C=E9=81=87=E5=88=B0=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E6=8F=90=E7=A4=BA=EF=BC=9A=E5=BD=93allowCredentials=E4=B8=BAtr?= =?UTF-8?q?ue=E6=97=B6=EF=BC=8CallowedOrigins=E4=B8=8D=E8=83=BD=E5=8C=85?= =?UTF-8?q?=E5=90=AB=E7=89=B9=E6=AE=8A=E5=80=BC"*"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java index 2bdad1ff..7c468014 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java @@ -148,8 +148,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { corsConfiguration.setAllowCredentials(true); corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins()); }else { - corsConfiguration.setAllowCredentials(false); - corsConfiguration.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL)); + // 在SpringBoot 2.4及以上版本处理跨域时,遇到错误提示:当allowCredentials为true时,allowedOrigins不能包含特殊值"*"。 + // 解决方法是明确指定allowedOrigins或使用allowedOriginPatterns。 + corsConfiguration.setAllowCredentials(true); + corsConfiguration.addAllowedOriginPattern(CorsConfiguration.ALL); // 默认全部允许所有跨域 } corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader()));