java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the

最新推荐文章于 2024-04-13 19:07:24 发布
最新推荐文章于 2024-04-13 19:07:24 发布
阅读量552 收藏 7
点赞数 7
分类专栏: Spring SpringBoot 文章标签: 跨域
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/iamlihongwei/article/details/135224808
版权

今天在做项目的时候,新创建了一个SpringBoot的项目,并且提供了一个接口,但是在局域网内和前端同学进行本地联调的时候出现了跨域的问题。对于这种问题,不想自己手写,也不想麻烦助理,于是直接百度了一下,大概有这么几种方式:

  1. 在Controller里面增加@CrossOrigin(“*”)注解

  2. 新建一个类,然后去实现WebMvcConfigurer接口,代码大概如下:

    @Configuration
public class WebConfigurer implements WebMvcConfigurer {
	@Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOriginPatterns("*")
                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
                .allowCredentials(true)
                .maxAge(3600)
                .allowedHeaders("*");

    }
}

  3. 新建一个Filter,代码大概如下:

    
@Component
public class CorsFilter implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        response.setHeader("Access-Control-Allow-Origin","*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods","PUT, POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "content-type, authorization");
        filterChain.doFilter(servletRequest, servletResponse);
    }
}

于是我尝试了第一种办法,发现并没有解决问题;于是我尝试了第二种办法,发现报错了。于是我暂时略过了,尝试第三种办法,发现还是没有解决。于是对于第二种办法我产生了一丝好奇,可以不生效,但是为什么要报错呢?
于是对于该错误我搜索了一下,发现解决办法都是:

public void addCorsMappings(CorsRegistry registry) {
	        registry.addMapping("/**")
	                .allowedOriginPatterns("*") // 将这里由allowedOrigins("*")改成allowedOriginPatterns("*")
	                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
	                .allowCredentials(true)
	                .maxAge(3600)
	                .allowedHeaders("*");
	
	    }

我一查看我的代码,发现,我的代码就是后者allowedOriginPatterns(“*”)啊,那这又是为什么呢?头大。
于是我尝试改了一下这里的代码:

registry.addMapping("/**") // 将这里改成了addMapping("/api/**")
                .allowedOriginPatterns("*")
                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")

改完之后我发现请求接口不报错了,哈哈。所以猜测一定是非/api请求的路径导致了这个错误。这个问题暂且不提(后续再跟进)。

于是我根据之前的报错异常debug了一下,找到了报错位置的源代码:
异常信息如下:

2023-12-26 15:58:48.026 ERROR 62817 --- [nio-8801-exec-1] o.a.c.c.C.[.[.[.[dispatcherServlet]      : Servlet.service() for servlet [dispatcherServlet] in context with path [/robot/api] threw exception [Request processing failed; nested exception is java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.] with root cause

java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.
	at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:473) ~[spring-web-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.76.jar:4.0.FR]
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.28.jar:5.3.28]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.76.jar:4.0.FR]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) ~[tomcat-embed-websocket-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.28.jar:5.3.28]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.28.jar:5.3.28]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.28.jar:5.3.28]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.28.jar:5.3.28]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.28.jar:5.3.28]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.28.jar:5.3.28]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) ~[tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:926) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1791) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.76.jar:9.0.76]
	at java.lang.Thread.run(Thread.java:748) [na:1.8.0_181]

源码如下:
在这里插入图片描述
所以从抛出异常的代码来看,我还是在哪里有设置过allowedOrigins=“*”,可是我在哪里设置了呢?思来想去,我在Controller里面设置了过:

@CrossOrigin("*")

所以,肯定是在这里来的了,于是我把这行代码去掉,把上述的addMapping(“/api/**”) 改成了addMapping(“/**”),然后确实没有再出现异常了,问题算是暂时解决了。遗留的问题,暂时先不去考虑,等有时间再来探索吧。

排骨瘦肉丁
关注
  • 7
    点赞
  • 7
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
java.lang.Exception: java.lang.IllegalArgumentException: firstMovedIndex, lastMo
08-06
标题 "java.lang.Exception: java.lang.IllegalArgumentException: firstMovedIndex, lastMove" 描述了一个Java编程中的异常情况。这个异常通常发生在尝试执行一个不合法的操作时,例如数组或集合操作超出了其边界。...
如何解决Mybatis--java.lang.IllegalArgumentException: Result Maps collection already contains value for X
08-31
在整合Spring、Struts2和Mybatis的过程中,可能会遇到各种问题,其中之一就是`java.lang.IllegalArgumentException: Result Maps collection already contains value for X`。这个问题通常出现在Mybatis配置文件中,...
When allowCredentials is true, allowedOrigins cannot contain the special value “*“
Maggieq8324的博客
09-06 3367
目录 java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them exp
java.lang.IllegalArgumentException: When allowCredentials is true
zy08403的专栏
01-23 1037
因为调整了springboot-3.3.0版本,查了下需要修改参数allowedOriginPatterns。
Spring boot Cors跨域异常:When allowCredentials is true, allowedOrigins cannot contain the special value
最新发布
程序人生
04-13 1071
出现该问题是跨域问题,When allowCredentials is true, allowedOrigins cannot contain thespecial value "*"since that cannot be set on the “Access-Control-Allow-Origin” response header. To allow credentials to......
spring boot 2.0 跨域问题
z793397795的博客
09-24 277
import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistration; import org.springframework.web.servlet.config.annotation.CorsRe...
ruoyi框架升级报错:When allowCredentials is true, allowedOrigins cannot contain the special value “*“
weixin_43860634的博客
01-09 1260
ruoyi框架升级报错:When allowCredentials is true, allowedOrigins cannot contain the special value “*“
java.lang.IllegalArgumentException:Input == null的异常处理
01-08
Caused by: java.lang.IllegalArgumentException: input == null! at javax.imageio.ImageIO.read(ImageIO.java:1388) at com.pleanwar.fiying.FlyingObject.loadImage(FlyingObject.java:52) at ...
IDEA 中使用 ECJ 编译出现 java.lang.IllegalArgumentException的错误问题
08-19
"IDEA 中使用 ECJ 编译出现 java.lang.IllegalArgumentException 的错误问题解决方案" IDEA 是一个功能强大且功能丰富的集成开发环境,支持多种编程语言,包括 Java、Python、Ruby 等。ECJ(Eclipse Compiler for ...
java.lang.IllegalArgumentException: Class not found: org.apache.Struts2.validato
03-23
Java编程中,`java.lang.IllegalArgumentException` 是一个运行时异常,通常会在方法接收到非法或不合适的参数时抛出。这个错误信息 "Class not found: org.apache.struts2.validator" 指示程序在尝试加载名为 `...
IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special v
weixin_51579730的博客
12-13 1万+
错误如下: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration
springboot 跨域报错java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins can
DreamDlee的博客
08-08 153
解决springboot3跨域问题
请求后端接口报错:IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain ...
weixin_52116015的博客
11-21 342
When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOrigi
【解决】When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since
杨大仙
03-21 1万+
详细报错信息: java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list t
解决跨域配置问题:When allowCredentials is true, allowedOrigins cannot contain the special value
热门推荐
TanaStudy的博客
08-16 1万+
1、问题描述 SpringBoot配置跨域时出现: java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*"since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of
前后端分离spring boot+vue跨域问题
qq_43568790的博客
02-05 455
当出现跨域问题时 在spring boot项目中创建一个类 如下 package com.demo2.demo.config; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; imp...
java.lang.illegalargumentexception: when allowcredentials is true, allowedorigins cannot contain the special value "*" since that cannot be set on the "access-control-allow-origin" response header. to allow credentials to a set of origins, list them expli
06-06
citly or consider using "allowedoriginpatterns" instead. 这是一个Java异常,意思是当设置allowcredentialstrue时,allowedorigins不能包含特殊值“*”,因为这个值不能被设置在“access-control-allow-origin”响应头中。如果要允许一组来源的凭据,需要明确列出它们,或者考虑使用“allowedoriginpatterns”代替。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值