Spring Cloud整合网关模块的跨域问题

问题描述:
When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.

意思是：当allowCredentials为true时，allowingOrigins不能包含特殊值*因为无法在Access-Control-Allow-Origin响应标头上设置。要允许凭据具有一组来源，请明确列出它们或考虑改用allowedOriginPatterns。

解决：将allowingOrigins换成allowedOriginPatterns即可。

修改前：

public CorsFilter corsFilter() { 
    CorsConfiguration config = new CorsConfiguration(); //允许所有域名进行跨域调用      
    config.addAllowedOrigin("*"); //允许跨越发送cookie 
    config.setAllowCredentials(true); //放行全部原始头信息 
    config.addAllowedHeader("*"); //允许所有请求方法跨域调用 
    config.addAllowedMethod("*"); 
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 
    source.registerCorsConfiguration("/**", config); 
    return new CorsFilter(source); 
}

修改后：

public CorsFilter corsFilter() {
    CorsConfiguration config = new CorsConfiguration();
    //允许所有域名进行跨域调用
    config.addAllowedOriginPattern("*");//替换这个
    //允许跨越发送cookie
    config.setAllowCredentials(true);
    //放行全部原始头信息
    config.addAllowedHeader("*");
    //允许所有请求方法跨域调用
    config.addAllowedMethod("*");
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", config);
    return new CorsFilter(source);
}