When allowCredentials is true, allowedOrigins cannot contain the special value since that cannot
The is Cannot value when that True contain
2023-06-13 09:13:25 时间
问题描述
SpringBoot升级后跨域请求报如下错误
java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.
at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:473)
Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Error has been observed at the following site(s):
*__checkpoint ⇢ com.xxx.cloud.gateway.config.CorsConfig$1 [DefaultWebFilterChain]
*__checkpoint ⇢ com.xxx.cloud.gateway.config.CorsConfig$$Lambda$615/1289462509 [DefaultWebFilterChain]
*__checkpoint ⇢ org.springframework.cloud.gateway.filter.WeightCalculatorWebFilter [DefaultWebFilterChain]
*__checkpoint ⇢ com.alibaba.csp.sentinel.adapter.spring.webflux.SentinelWebFluxFilter [DefaultWebFilterChain]
*__checkpoint ⇢ HTTP GET "/api/auth/v2/api-docs" [ExceptionHandlingWebHandler]
When allowCredentials is true, allowedOrigins cannot contain the special value “*” since that cannot be set on the “Access-Control-Allow-Origin” response header. To allow credentials to a set of origins, list them explicitly or consider using “allowedOriginPatterns” instead. 翻译为: 当allowCredentials为真时, allowedorigin不能包含特殊值"", 因为不能在"Access-Control-Allow-Origin"响应头 中设置该值。要允许凭证到起源,显式地列出它们,或者考虑使用"allowedOriginPatterns"代替。
解决办法
跨域配置报错,将.allowedOrigins替换成.allowedOriginPatterns即可。
@Configuration
public class CorsConfig {
private CorsConfiguration buildConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
//corsConfiguration.addAllowedOrigin("*");
// 跨域配置报错,将.allowedOrigins替换成.allowedOriginPatterns即可。
// 设置允许跨域请求的域名
corsConfiguration.addAllowedOriginPattern("*");
corsConfiguration.addAllowedHeader("*");
// 设置允许的方法
corsConfiguration.addAllowedMethod("*");
// 是否允许证书
corsConfiguration.setAllowCredentials(true);
// 跨域允许时间
corsConfiguration.setMaxAge(3600L);
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", buildConfig());
return new CorsFilter(source);
}
}
要是通过实现WebMvcConfigurer接口的形式,则按照如下修改:
@Configuration
public class CorsConfig implements WebMvcConfigurer {
/**
* 开启跨域
*/
@Override
public void addCorsMappings(CorsRegistry registry) {
// 设置允许跨域的路由
registry.addMapping("/**")
// 设置允许跨域请求的域名
//.allowedOrigins("*")
//跨域配置报错,将.allowedOrigins替换成.allowedOriginPatterns即可。
.allowedOriginPatterns("*")
// 是否允许证书(cookies)
.allowCredentials(true)
// 设置允许的方法
.allowedMethods("*")
// 跨域允许时间
.maxAge(3600);
}
}
相关文章
- ORA-01378: The logical block size (string) of file string is not compatible with the disk sector size (media sector size is string and host sector size is string) ORACLE 报错 故障修复 远程处理
- ORA-23316: the masterdef is string ORACLE 报错 故障修复 远程处理
- ORA-23418: cannot unregister the propagator who is currently in use ORACLE 报错 故障修复 远程处理
- ORA-48444: The single “.” and “*” cannot appear in the middle of the path ORACLE 报错 故障修复 远程处理
- ORA-48466: Internal failure, the report context is not initialized ORACLE 报错 故障修复 远程处理
- ORA-48467: “string” for the keyword “string” is not a valid number ORACLE 报错 故障修复 远程处理
- ORA-48490: The field number exceeds the maximum number [string] ORACLE 报错 故障修复 远程处理
- ORA-53036: An internal table for the mapping document (string) is empty. ORACLE 报错 故障修复 远程处理
- ORA-53254: The SOP INSTANCE UID for the new DICOM object is invalid. ORACLE 报错 故障修复 远程处理
- ORA-13615: The task or object string is greater than the maximum allowable length of 30 characters. ORACLE 报错 故障修复 远程处理
- ORA-13618: The specified value is not a valid value for procedure argument string. ORACLE 报错 故障修复 远程处理
- ORA-13762: The string ranking measure is invalid. ORACLE 报错 故障修复 远程处理
- ORA-13906: The tablespace is not of the right type. ORACLE 报错 故障修复 远程处理
- ORA-13913: The threshold cannot be set when SYSAUX is offline. ORACLE 报错 故障修复 远程处理
- ORA-15554: cannot start workload replay client because the database server is not in PREPARE mode ORACLE 报错 故障修复 远程处理
- ORA-16669: instance cannot be opened because the Active Data Guard option is disabled ORACLE 报错 故障修复 远程处理
- ORA-16703: cannot set property while the database is enabled ORACLE 报错 故障修复 远程处理
- 修复 Ubuntu 中 “E: The package cache file is corrupted, it has the wrong hash”
- MySQL中的rand函数Note: This is a title and not an article. It is within the word limit of 25 characters.(mysql的rand)