Merge pull request #1759 from guobi777/master

fix: 在SpringBoot 2.4及以上版本处理跨域时,遇到错误提示:当allowCredentials为true时,allowed…
pull/1769/head
648540858 2025-01-27 07:40:06 +08:00 committed by GitHub
commit c059bd08dd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 2 deletions

View File

@ -148,8 +148,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
corsConfiguration.setAllowCredentials(true); corsConfiguration.setAllowCredentials(true);
corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins()); corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins());
}else { }else {
corsConfiguration.setAllowCredentials(false); // 在SpringBoot 2.4及以上版本处理跨域时遇到错误提示当allowCredentials为true时allowedOrigins不能包含特殊值"*"。
corsConfiguration.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL)); // 解决方法是明确指定allowedOrigins或使用allowedOriginPatterns。
corsConfiguration.setAllowCredentials(true);
corsConfiguration.addAllowedOriginPattern(CorsConfiguration.ALL); // 默认全部允许所有跨域
} }
corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader())); corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader()));