参考:https://www.jianshu.com/p/aa80ca97f877
解决办法一:
谷歌浏览器里面:
chrome://flags/
把SameSite by default cookies这个参数设置成disabled
解决办法二(后端代码配置):
参考:https://blog.csdn.net/sinat_36521655/article/details/104844667
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.session.web.http.DefaultCookieSerializer;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import java.util.ArrayList;
import java.util.List;
/**
* @author 作者 :
* @date 创建时间:
* @version 1.0
* @since JDK1.8
* @Description 实现全局过滤器
*/
@Configuration
public class CorsConfig {
private CorsConfiguration addcorsConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
List<String> list = new ArrayList<String>();
list.add("*");
corsConfiguration.setAllowedOrigins(list);
corsConfiguration.setAllowCredentials(true);
/*
// 请求常用的三种配置,*代表允许所有,也可以自定义属性(比如header只能带什么,只能是post方式等等)
*/
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", addcorsConfig());
return new CorsFilter(source);
}
/**
* 重点就是这里
* @return
*/
@Bean
public CookieSerializer httpSessionIdResolver() {
DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();
// 取消仅限同一站点设置
cookieSerializer.setSameSite("None");
cookieSerializer.setUseSecureCookie(true);
return cookieSerializer;
}
}