您好,我收到以下错误:
Access to XMLHttpRequest at 'https:xyztest.com/as/authorization.oauth2?client_id=newpeteGAQA&redirect_uri=http://localhost:8080/login&response_type=code&scope=openid%20profile&state=B2Rig4'
(redirected from 'http://localhost:8080/health-incidents') from origin 'http://localhost:8081' has been blocked by CORS policy:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
newrelic.js:1 GET https://testxyz.com/as/authorization.oauth2?client_id=newpeteGAQA&redirect_uri=http://localhost:8080/login&response_type=code& ```我已经尝试添加以下标题来修复错误,但它仍然不断给我以上错误,任何输入如何修复这个问题,我应该寻找任何elese我需要作出改变吗?:
Protected void configure(HttpSecurity http) throws Exception {
if (enableAuthentication && !unsecured) {
http
.csrf().disable()
.headers(headers ->
headers
.addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Origin","http://localhost:8081"))
.addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Methods","POST, PUT, GET, OPTIONS, DELETE"))
.addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Credentials","true"))
// .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Headers","Authorization, Content-Type"))
.addHeaderWriter( new StaticHeadersWriter("Access-Control-Allow-Headers", "Origin, Content-Type, Accept, X-Requested-With, remember-me"))
// .addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Origin", "*"))
)
.antMatcher(ANY_PATH).authorizeRequests()
.antMatchers(whitelist).permitAll()
.anyRequest().authenticated()
.and().addFilterAfter(oauth2SsoFilter(), HeaderWriterFilter.class)
.logout()
.logoutSuccessUrl("/login")
.invalidateHttpSession(true)
.deleteCookies("SESSION");
addAuthenticationEntryPoint(http);
} else {
http
.csrf().disable()
.antMatcher(ANY_PATH).authorizeRequests()
.antMatchers(ANY_PATH).permitAll();
}
}
1条答案
按热度按时间q5iwbnjs1#
您可以尝试按照下面的描述创建类。