//
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.cors().disable();
}
@Bean
public FilterRegistrationBean<Filter> corsConfigurationSource() {
FilterRegistrationBean<Filter> filterFilterRegistrationBean = new FilterRegistrationBean<>();
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "OPTIONS", "DELETE", "PUT", "PATCH"));
configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
filterFilterRegistrationBean.setFilter(new CorsFilter(source));
filterFilterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return filterFilterRegistrationBean;
}
Spring Security 跨域问题解决
于 2024-03-29 14:29:38 首次发布