Skip to content

Commit

Permalink
fix: spring security cors 허용
Browse files Browse the repository at this point in the history
ChoiWonYu committed Sep 13, 2024
1 parent 319dbbc commit 734b282
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion src/main/java/com/first/flash/global/config/SecurityConfig.java
Original file line number Diff line number Diff line change
@@ -19,6 +19,8 @@
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration
@EnableWebSecurity
@@ -38,7 +40,15 @@ public class SecurityConfig {
@Bean
public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {
return http.csrf(AbstractHttpConfigurer::disable)
.cors(AbstractHttpConfigurer::disable)
.cors(cors->cors.configurationSource(request -> {
var corsConfiguration = new CorsConfiguration();
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfiguration);
return corsConfiguration;
}))
.sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(
SessionCreationPolicy.STATELESS))
.formLogin(AbstractHttpConfigurer::disable)

0 comments on commit 734b282

Please sign in to comment.