Fix(#64): cors 적용 에러 #65
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| package org.nexters.jaknaesoserver.config; | ||
|
|
||
| import java.util.List; | ||
| import org.springframework.beans.factory.annotation.Value; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.web.cors.CorsConfiguration; | ||
| import org.springframework.web.cors.CorsConfigurationSource; | ||
| import org.springframework.web.cors.UrlBasedCorsConfigurationSource; | ||
|
|
||
| @Configuration | ||
| public class CorsConfig { | ||
|
|
||
| private static final String LOCAL_URL = "http://localhost:3000"; | ||
| private static final String JAKNAESO_WEB_VERCEL_APP = "https://jaknaeso-web.vercel.app"; | ||
|
|
||
| @Value("${cors.origins.api-doc}") | ||
| private String API_DOC_HOST; | ||
|
|
||
| @Bean | ||
| public CorsConfigurationSource corsConfigurationSource() { | ||
|
|
||
| final CorsConfiguration corsConfiguration = new CorsConfiguration(); | ||
| corsConfiguration.setAllowedOrigins(List.of(API_DOC_HOST, LOCAL_URL, JAKNAESO_WEB_VERCEL_APP)); | ||
| corsConfiguration.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE")); | ||
| corsConfiguration.addAllowedHeader("*"); | ||
| corsConfiguration.setAllowCredentials(true); | ||
|
|
||
| UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); | ||
| source.registerCorsConfiguration("/**", corsConfiguration); | ||
| return source; | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -12,6 +12,7 @@ | |||||
| import org.springframework.security.config.http.SessionCreationPolicy; | ||||||
| import org.springframework.security.web.SecurityFilterChain; | ||||||
| import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; | ||||||
| import org.springframework.web.cors.CorsConfigurationSource; | ||||||
|
|
||||||
| @RequiredArgsConstructor | ||||||
| @EnableWebSecurity | ||||||
|
|
@@ -20,6 +21,7 @@ public class SecurityConfig { | |||||
|
|
||||||
| private final SecurityExceptionHandler securityExceptionHandler; | ||||||
| private final JwtAuthFilter jwtAuthFilter; | ||||||
| private final CorsConfigurationSource corsConfigurationSource; | ||||||
|
|
||||||
| @Bean | ||||||
| public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { | ||||||
|
|
@@ -32,6 +34,7 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti | |||||
| .permitAll() | ||||||
| .anyRequest() | ||||||
| .authenticated()) | ||||||
| .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource)) | ||||||
|
There was a problem hiding this comment. 이건 그냥 궁금해서 물어보는건데 제가 공식문서를 제대로 읽은건지 모르겠는데..기존 세팅에서
Suggested change
쓰면 저희 Mvc 설정 따라가는걸까요 ?? https://docs.spring.io/spring-security/reference/servlet/integrations/cors.html There was a problem hiding this comment. 민혁님 말씀이 맞는 것 같아요. |
||||||
| .formLogin(AbstractHttpConfigurer::disable) | ||||||
| .logout(AbstractHttpConfigurer::disable) | ||||||
| .httpBasic(AbstractHttpConfigurer::disable) | ||||||
|
|
||||||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
저도 찾아보니까 이거 쿠키관련 설정이라고 하던데 저희 쿠키안쓰는데 true로 해야되는건가요 ??
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
그렇네요. 쿠키 사용 안 하네요! 제거하도록 하겠습니다.