首页 > 其他分享> > When allowCredentials is true, allowedOrigins cannot contain the special value “*“

When allowCredentials is true, allowedOrigins cannot contain the special value “*“

2021-09-06 22:33:45 作者：互联网

前言
修改方式

前言

项目接口访问出现allowedOrigins cannot contain the special value "*"

java.lang.IllegalArgumentException: When allowCredentials is true, 
allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. 
To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.

修改方式

修改allowedOrigins为allowedOriginPatterns
修改前

@Override
public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**")
            .allowedOrigins("*")
            .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
            .allowCredentials(true)
            .maxAge(3600)
            .allowedHeaders("*");
}

修改后

@Override
public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**")
            .allowedOriginPatterns("*")
            .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
            .allowCredentials(true)
            .maxAge(3600)
            .allowedHeaders("*");
}

- End - ﹀﹀﹀梦想是咸鱼关注一下吧

标签：When,value,allowCredentials,cannot,registry,true,special,allowedOrigins
来源： https://www.cnblogs.com/maggieq8324/p/15236050.html