CORS Origin Spring Boot Jhipster-飞行前失败
我正在使用jhipster v2.27.2,已通过取消注释application.yml中的行来启用cors
jhipster:async:
corePoolSize: 2
maxPoolSize: 50
queueCapacity: 10000
cors: #By default CORS are not enabled. Uncomment to enable.
allowed-origins: "*"
allowed-methods: GET, PUT, POST, DELETE, OPTIONS
allowed-headers: "*"
exposed-headers:
allow-credentials: true
max-age: 1800
在“ WebConfigurer”中
@Bean public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = props.getCors();
if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
source.registerCorsConfiguration("/api/**", config);
source.registerCorsConfiguration("/v2/api-docs", config);
source.registerCorsConfiguration("/oauth/**", config);
}
return new CorsFilter(source);
}
但是当我请求访问令牌时,仍然看到此错误
http:// localhost:8080 / oauth / token?username = admin&password =
admin&grant_type = password&scope =
read。对预检请求的响应未通过访问控制检查:请求的资源上不存在“
Access-Control-Allow-Origin”标头。因此,不允许访问源’ http://
localhost:9090 ‘。响应的HTTP状态码为401。
回答:
看起来像是default SecurityConfiguration,它不会跳过OPTIONS的安全检查。
尝试将以下内容添加antMatcher到中的protected void configure(HttpSecurity
http)方法SecurityConfiguration.java
.antMatchers(org.springframework.http.HttpMethod.OPTIONS, "/api/**").permitAll()以上是 CORS Origin Spring Boot Jhipster-飞行前失败 的全部内容, 来源链接: utcz.com/qa/415241.html
