[英]Spring Boot CORS Configuration not working when deployed to Google App Engine
我有 2 个 GAE,一个是托管 Spring 引导后端,另一个是 Vue.js 前端。 当我在本地测试它时,CORS 配置工作正常,但是当我部署到 GAE 时,我得到以下响应:
Access to fetch at BACKEND/function from origin FRONTEND has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
我的 Spring 安全 CORS 配置如下所示:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity security) throws Exception {
security.cors().and().csrf().disable().httpBasic().disable();
}
@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList(frontend-url));
configuration.setAllowedMethods(Arrays.asList("POST"));
configuration.setAllowedHeaders(Arrays.asList("*"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
}
我已经坚持了将近一天,现在任何帮助都将不胜感激。 如果您需要更多信息,请告诉我。
尝试设置allowed headers
并考虑configuration.setExposedHeaders
:
configuration.setAllowedHeaders(Arrays.asList("Access-Control-Allow-Origin", "Origin"));
也许您需要将GET
添加到allowed methods
:
configuration.setAllowedMethods(Arrays.asList("GET", "POST"));
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.