When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno

Posted 闲言博客

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno相关的知识,希望对你有一定的参考价值。

错误产生环境

SpringBoot实现 WebMvcConfigurer 接口解决跨域问题时产生

错误描述

Caused by: java.lang.IllegalArgumentException: When allowCredentials is true, 
allowedOrigins cannot contain the special value "*" since that cannot be set on the 
"Access-Control-Allow-Origin" response header. To allow credentials to a set of origins,
 list them explicitly or consider using "allowedOriginPatterns" instead.

错误原因

解决办法

.allowedOrigins("*") 改为 .allowedOriginPatterns("*")

修改前

    @Override
    public void addCorsMappings(CorsRegistry corsRegistry)
        /**
         * 所有请求都允许跨域,使用这种配置就不需要
         * 在interceptor中配置header了
         */
        corsRegistry.addMapping("/**")
                //是否发送Cookie
                .allowCredentials(true)
                //放行哪些原始域
                .allowedOrigins("*")
                .allowedMethods(new String[]"GET", "POST", "PUT", "DELETE")
                .allowedHeaders("*");
    

修改后

@Override
    public void addCorsMappings(CorsRegistry corsRegistry)
        /**
         * 所有请求都允许跨域,使用这种配置就不需要
         * 在interceptor中配置header了
         */
        corsRegistry.addMapping("/**")
                //是否发送Cookie
                .allowCredentials(true)
                //放行哪些原始域
                .allowedOriginPatterns("*")
                .allowedMethods(new String[]"GET", "POST", "PUT", "DELETE")
                .allowedHeaders("*");
    

以上是关于When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno的主要内容,如果未能解决你的问题,请参考以下文章

SpringbootWhen allowCredentials is true, allowedOrigins cannot contain the special value “*“

SpringbootWhen allowCredentials is true, allowedOrigins cannot contain the special value “*“

SpringbootWhen allowCredentials is true, allowedOrigins cannot contain the special value “*“

Unable to infer base url. This is common when using dynamic servlet registration or when the API is

Unable to infer base url. This is common when using dynamic servlet registration or when the API is(

弹簧靴。 CORS。 'allowCredentials = false' 不起作用