Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
863 views
in Technique[技术] by (71.8m points)

vue cli每次请求sessionId都不同,已经配置withCredentials

前端的main.js:

axios.defaults.withCredentials=true;

后端的跨域处理:

@Configuration
public class CorsConfig {
 @Bean
 public CorsWebFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedMethod("*");
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.setMaxAge(3600L);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
        source.registerCorsConfiguration("/**", config);
        return new CorsWebFilter(source);
    }
}

但是每次请求的sessionId还是不同,axios.defaults.withCredentials=true; 加和没加一个效果

@vue/cli 4.5.7
springboot:2.3.4

源是http://localhost:8080
目的是http://127.0.0.1:9090
没有跨域的告警,就是每次sessionId都不一样
这个也试了,一样无效
config.addAllowedOrigin("http://localhost:8080/");

难道是本地测试环境的问题?
我找到一个和我应该是一样的问题
https://bbs.csdn.net/topics/3...


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
 config.addAllowedOrigin("*");  这里不对

对于附带身份凭证的请求,服务器不得设置 Access-Control-Allow-Origin 的值为“*”。 这个需要设置成你具体请求的源


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...