Spring Boot Cors配置允许所有来源

时间:2019-03-11 15:22:19

标签: java spring spring-boot cors

我试图将前端放置在从请求到后端的唯一位置。问题是它不起作用,并且每个请求都被调用。下面是配置Spring Security和cors的代码。

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable().authorizeRequests()
                .antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
                .antMatchers(HttpMethod.GET, "/groups").permitAll()
                .antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
                .addFilter(new JWTAuthenticationFilter(authenticationManager()))
                .addFilter(new JWTAuthorizationFilter(authenticationManager()))
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

@Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Arrays.asList("http://192.168.0.16:8080"));
        configuration.setAllowedMethods(Arrays.asList("GET", "POST"));
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }

1 个答案:

答案 0 :(得分:0)

您可能想将Prompt>echo $((1+1)) 2 http方法添加到允许的OPTIONS方法中。大多数前端语言在发送真实请求之前先发送了CORS请求。像

OPTIONS
相关问题
最新问题