spring 在请求的资源上没有“Access-Control-Allow-Origin”头,我已经尝试在这里寻找其他解决方案,但到目前为止没有成功

jv4diomz  于 2022-10-30  发布在  Spring
关注(0)|答案(1)|浏览(161)

您好,我收到以下错误:

Access to XMLHttpRequest at 'https:xyztest.com/as/authorization.oauth2?client_id=newpeteGAQA&redirect_uri=http://localhost:8080/login&response_type=code&scope=openid%20profile&state=B2Rig4' 
(redirected from 'http://localhost:8080/health-incidents') from origin 'http://localhost:8081' has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource.
newrelic.js:1          GET https://testxyz.com/as/authorization.oauth2?client_id=newpeteGAQA&redirect_uri=http://localhost:8080/login&response_type=code& ```

我已经尝试添加以下标题来修复错误,但它仍然不断给我以上错误,任何输入如何修复这个问题,我应该寻找任何elese我需要作出改变吗?:

Protected void configure(HttpSecurity http) throws Exception {
        if (enableAuthentication && !unsecured) {
            http
                    .csrf().disable()
                    .headers(headers ->
                            headers
                                    .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Origin","http://localhost:8081"))
                                    .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Methods","POST, PUT, GET, OPTIONS, DELETE"))
                                    .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Credentials","true"))
                                   // .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Headers","Authorization, Content-Type"))
                                    .addHeaderWriter( new StaticHeadersWriter("Access-Control-Allow-Headers", "Origin, Content-Type, Accept, X-Requested-With, remember-me"))
                               //     .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Origin", "*"))
                    )
                    .antMatcher(ANY_PATH).authorizeRequests()

                    .antMatchers(whitelist).permitAll()
                    .anyRequest().authenticated()
                    .and().addFilterAfter(oauth2SsoFilter(), HeaderWriterFilter.class)
                    .logout()
                    .logoutSuccessUrl("/login")
                    .invalidateHttpSession(true)
                    .deleteCookies("SESSION");
            addAuthenticationEntryPoint(http);
        } else {
            http
                    .csrf().disable()
                    .antMatcher(ANY_PATH).authorizeRequests()
                    .antMatchers(ANY_PATH).permitAll();
        }
    }
q5iwbnjs

q5iwbnjs1#

您可以尝试按照下面的描述创建类。

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class WebConfiguration implements WebMvcConfigurer {

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**").allowedMethods("*");
    }
}
  • 类名(WebConfiguration)由您决定 *

相关问题