使用spring 2.3.0.release，我得到了以下cors配置：

@Configuration
@EnableWebSecurity
@ComponentScan("com.softeq.ems.config")
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class EmsJwtSecurityConfig extends BaseSecurityConfig {

    @Value("${management.endpoints.web.cors.allowed-origins}")
    private String[] allowedOrigins;

    @Override
    protected void configureHttp(HttpSecurity http) throws Exception {
        if (allowedOrigins.length > 0) {
            http.cors().configurationSource(corsConfigSource());
        }

        http.csrf().disable();
    }

    private CorsConfigurationSource corsConfigSource() {

        final CorsConfiguration corsConfig = new CorsConfiguration();
        corsConfig.addAllowedHeader(CorsConfiguration.ALL);
        corsConfig.addAllowedMethod(CorsConfiguration.ALL);

        Stream.of(allowedOrigins).forEach(
            origin -> corsConfig.addAllowedOrigin(origin)
        );

        return request -> corsConfig;
    }

变量 management.endpoints.web.cors.allowed-origins = http://localhost:4200, http://127.0.0.1:4200 这个配置运行良好，我需要的所有跨平台请求都得到了授权。
但在发布后迁移到spring boot 2.4.0之后，当我像往常一样尝试向主机发送请求时，chrome浏览器控制台中出现了经典的cors策略错误：

Access to XMLHttpRequest at 'http://localhost:8080/api/v1/me/balance' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status

spring发行说明说cors配置提供了一个新的属性 allowedOriginPatterns ，但我不知道如何使用它：https://github.com/spring-projects/spring-framework/wiki/what%27s-new-in-spring-framework-5.x#general-web修订
请帮我找出我的问题所在！