错误 CORS Forbidden 403 Spring Boot With Spring Security when using Path Variable
[英]Error CORS Forbidden 403 Spring Boot With Spring Security when using Path Variable
问题描述
I know there already a lot of questions & answers about this topic, but none mention about this Error when using path variable.
我知道已经有很多关于这个主题的问题和答案,但是没有人提到使用路径变量时的这个错误。
I already put this config我已经把这个配置
@EnableWebSecurity
public class CustomWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.cors().and()
.csrf().disable()
.authorizeRequests().antMatchers("/file/getFile/**")
.permitAll().anyRequest().authenticated()
.and()
.httpBasic();
}
}
and when I use the path variable the response always error 403 Forbidden.当我使用路径变量时,响应总是错误 403 Forbidden。
ERROR错误
@RequestMapping(value = "/file")
@Service
public class FileService {
.....
@CrossOrigin(origins="http://localhost:8080", allowCredentials = "true")
@RequestMapping(value = "/getFile/{fileId}", method = RequestMethod.POST)
@ResponseBody
public String getFile(@PathVariable(value = "fileId") String fileId) {
....
}
}
But if I'm not using the path variable, it works.但如果我不使用路径变量,它就可以工作。
SUCCESS成功
@RequestMapping(value = "/file")
@Service
public class FileService {
.....
@CrossOrigin(origins="http://localhost:8080", allowCredentials = "true")
@RequestMapping(value = "/getFile", method = RequestMethod.POST)
@ResponseBody
public String getFile(@RequestBody String jsonFileId) {
....
}
}
I'm calling this from javascript, below is the javascript request method.我是从 javascript 调用的,下面是 javascript 请求方法。 url example url 示例
http://localhost:8088/file/getFile/PUML1pZvusTlfBnlW3
fdjElEw8O7iVXfj801GyFF7fWeqyvPzwf1GB9lwha3T9GOoq2KEDaqf01l
3DMRYInV9yHAMfd5_W4vY0S7d0SS9qk
and the request method和请求方法
$.ajax({
url:url,
type:"POST",
data:data,
dataType: 'json',
contentType: "application/json;",
crossDomain:true,
cache:false,
async:true,
success:success,
timeout:30000,
error:function(xhr, textStatus, errorThrown) {
console.log(xhr.responseText);
}
}
});
the javascript error: javascript 错误:
Access to XMLHttpRequest at
'http://localhost:8088/file/getFile/PUML1pZvusTlf....
from origin 'http://localhost:8080' has been blocked by CORS
policy: Response to preflight request doesn't pass access control
check: No 'Access-Control-Allow-Origin' header is present on the
requested resource.
I know I can do without the path variable, but using the path variable is more efficient in my case.我知道我可以不用路径变量,但在我的情况下使用路径变量更有效。 So is there any solution of this issue?那么这个问题有什么解决办法吗? Thanks谢谢
1 个解决方案
解决方案1
3 已采纳 2022-04-15 12:08:36
When you are using path variable there is no POST body and the browser is not sending application/json Content-Type header. You controller endpoint is not matched and the server does not respond with Access-Control-Allow-Origin header to a preflight request.当您使用路径变量时,没有 POST 正文并且浏览器未发送 application/json Content-Type header。您 controller 端点不匹配并且服务器未使用 Access-Control-Allow-Origin header 响应预检请求. Try sending some value in the POST body.尝试在 POST 正文中发送一些值。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.