UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource(); CorsConfiguration corsConfiguration = new CorsConfiguration(); //1,允许任何来源 corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*")); corsConfiguration.addAllowedHeader("*"); corsConfiguration.addAllowedMethod("*"); corsConfiguration.addAllowedOriginPattern("*"); corsConfiguration.setAllowCredentials(true); urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration); return new CorsWebFilter(urlBasedCorsConfigurationSource);
当设置setAllowCredentials为真时,AllowedOrigin需要用AllowedOriginPattern