When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno

Posted 2022-04-20 闲言博客

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno相关的知识，希望对你有一定的参考价值。

错误产生环境

SpringBoot实现 WebMvcConfigurer 接口解决跨域问题时产生

错误描述

Caused by: java.lang.IllegalArgumentException: When allowCredentials is true, 
allowedOrigins cannot contain the special value "*" since that cannot be set on the 
"Access-Control-Allow-Origin" response header. To allow credentials to a set of origins,
 list them explicitly or consider using "allowedOriginPatterns" instead.

错误原因

解决办法

将 .allowedOrigins("*") 改为 .allowedOriginPatterns("*")

修改前

    @Override
    public void addCorsMappings(CorsRegistry corsRegistry)
        /**
         * 所有请求都允许跨域，使用这种配置就不需要
         * 在interceptor中配置header了
         */
        corsRegistry.addMapping("/**")
                //是否发送Cookie
                .allowCredentials(true)
                //放行哪些原始域
                .allowedOrigins("*")
                .allowedMethods(new String[]"GET", "POST", "PUT", "DELETE")
                .allowedHeaders("*");

修改后

@Override
    public void addCorsMappings(CorsRegistry corsRegistry)
        /**
         * 所有请求都允许跨域，使用这种配置就不需要
         * 在interceptor中配置header了
         */
        corsRegistry.addMapping("/**")
                //是否发送Cookie
                .allowCredentials(true)
                //放行哪些原始域
                .allowedOriginPatterns("*")
                .allowedMethods(new String[]"GET", "POST", "PUT", "DELETE")
                .allowedHeaders("*");

以上是关于When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno的主要内容，如果未能解决你的问题，请参考以下文章