Springboot 跨域配置无效及接口访问报错的解决方法
跨域配置如下,Springboot版本为2.4.1
///跨域访问配置
@Configuration
publicclassCorsConfig{
privateCorsConfigurationbuildConfig(){
CorsConfigurationcorsConfiguration=newCorsConfiguration();
corsConfiguration.setAllowCredentials(true);//sessionid多次访问一致
corsConfiguration.addAllowedOrigin("*");//允许任何域名使用
corsConfiguration.addAllowedHeader("*");//允许任何头
corsConfiguration.addAllowedMethod("*");//允许任何方法(post、get等)
returncorsConfiguration;
}
@Bean
publicCorsFiltercorsFilter(){
UrlBasedCorsConfigurationSourcesource=newUrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**",buildConfig());//对接口配置跨域设置
returnnewCorsFilter(source);
}
}
问题:跨域配置无效,访问接口报如下错误
java.lang.IllegalArgumentException:WhenallowCredentialsistrue,allowedOriginscannotcontainthespecialvalue"*"sincethatcannotbesetonthe"Access-Control-Allow-Origin"responseheader.Toallowcredentialstoasetoforigins,listthemexplicitlyorconsiderusing"allowedOriginPatterns"instead. atorg.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:453)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.cors.CorsConfiguration.checkOrigin(CorsConfiguration.java:557)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.cors.DefaultCorsProcessor.checkOrigin(DefaultCorsProcessor.java:174)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.cors.DefaultCorsProcessor.handleInternal(DefaultCorsProcessor.java:116)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.cors.DefaultCorsProcessor.processRequest(DefaultCorsProcessor.java:95)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:87)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)~[spring-web-5.3.2.jar:5.3.2] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)~[spring-web-5.3.2.jar:5.3.2] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)~[spring-web-5.3.2.jar:5.3.2] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)~[spring-web-5.3.2.jar:5.3.2] atorg.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)~[spring-web-5.3.2.jar:5.3.2] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)~[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597)[tomcat-embed-core-9.0.41.jar:9.0.41] atorg.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)[tomcat-embed-core-9.0.41.jar:9.0.41] atjava.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)[na:1.8.0_60] atjava.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)[na:1.8.0_60] atorg.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)[tomcat-embed-core-9.0.41.jar:9.0.41] atjava.lang.Thread.run(Thread.java:745)[na:1.8.0_60]
分析:
由于我是升级了Springboot到2.4.1版本之后才出现的这个问题,再结合报错信息提示不能使用*号设置允许的Origin,所以有两个解决方法。
解决方法:
1、降低Springboot版本
4.0.0 org.springframework.boot spring-boot-starter-parent 2.3.5.RELEASE
2、如果不降低版本,则在跨域设置时使用setAllowedOriginPatterns方法
///跨域访问配置
@Configuration
publicclassCorsConfig{
privateCorsConfigurationbuildConfig(){
CorsConfigurationcorsConfiguration=newCorsConfiguration();
corsConfiguration.setAllowCredentials(true);//sessionid多次访问一致
//允许访问的客户端域名
ListallowedOriginPatterns=newArrayList<>();
allowedOriginPatterns.add("*");
corsConfiguration.setAllowedOriginPatterns(allowedOriginPatterns);
//corsConfiguration.addAllowedOrigin("*");//允许任何域名使用
corsConfiguration.addAllowedHeader("*");//允许任何头
corsConfiguration.addAllowedMethod("*");//允许任何方法(post、get等)
returncorsConfiguration;
}
@Bean
publicCorsFiltercorsFilter(){
UrlBasedCorsConfigurationSourcesource=newUrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**",buildConfig());//对接口配置跨域设置
returnnewCorsFilter(source);
}
}
到此这篇关于Springboot跨域配置无效及接口访问报错的解决方法的文章就介绍到这了,更多相关Springboot跨域配置内容请搜索毛票票以前的文章或继续浏览下面的相关文章希望大家以后多多支持毛票票!