解决跨域配置问题：When allowCredentials is true, allowedOrigins cannot contain the special value

最新推荐文章于 2024-04-13 19:07:24 发布

TanaStudy

最新推荐文章于 2024-04-13 19:07:24 发布

阅读量2.2w

点赞数 35

分类专栏： java 文章标签： java

本文链接：https://blog.csdn.net/weixin_43901865/article/details/119737447

版权

java 专栏收录该内容

37 篇文章

订阅专栏

1、问题描述

SpringBoot配置跨域时出现：

java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*"since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.

2、问题原因

SpringBoot升级2.4.0之后，跨域配置中的.allowedOrigins不再可用

3、解决办法

将配置中的.allowedOrigins替换成.allowedOriginPatterns即可。

SpringBoot2.0.0中

@Configuration
public class CorsConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**").allowedOrigins("*")
                .allowedMethods("GET", "HEAD", "POST","PUT", "DELETE", "OPTIONS")
                .allowCredentials(true).maxAge(3600);
    }
}

SpringBoot2.4.0中

@Configuration
public class CorsConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**").allowedOriginPatterns("*")
                .allowedMethods("GET", "HEAD", "POST","PUT", "DELETE", "OPTIONS")
                .allowCredentials(true).maxAge(3600);
    }
}