我的Spring Boot应用程序中的CORS配置有效。我想自己管理交易,因此我决定通过将application.yaml设置为false来禁用视图中的打开:
spring:
jpa:
open-in-view: false
CORS配置:
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.addAllowedOrigin("http://localhost:4200");
configuration.addExposedHeader("Authorization");
configuration.addExposedHeader("Concurrency");
configuration.addAllowedMethod("*");
configuration.addAllowedHeader("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
出于某种原因,我无法弄清楚,这会阻止CORS正常工作,浏览器一直在说:
Access to XMLHttpRequest at 'http://localhost:8080/api/batch' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
即使该标头实际上存在于飞行前OPTIONS请求中。 Tomcat不会记录可能解释此情况的异常或感兴趣的日志条目。