fix: cors 오류 설정 변경

map-log · May 21, 2024 · 9f09da4 · 9f09da4
2 parents 5fa185e + cb5a79f
commit 9f09da4
Showing 1 changed file with 17 additions and 1 deletion.
diff --git a/src/main/java/com/mlog/config/WebSecurityConfigure.java b/src/main/java/com/mlog/config/WebSecurityConfigure.java
@@ -15,7 +15,10 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.CorsUtils;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 @RequiredArgsConstructor
 @Configuration
@@ -51,10 +54,23 @@ public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowCredentials(true); // json을 자바스크립트에서 처리할 수 있게 설정
+        config.addExposedHeader(jwtTokenConfigure.getHeader()); // 노출할 헤더 설정
+        config.addAllowedOriginPattern("*"); // 모든 ip의 응답을 허용
+        config.addAllowedHeader("*"); // 모든 header의 응답을 허용
+        config.addAllowedMethod("*"); // 모든 post, put 등의 메서드에 응답을 허용
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);    // 모든 경로에 Cors설정
+        return source;
+    }
+
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
-                .cors(AbstractHttpConfigurer::disable)
+                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
 
                 .csrf(AbstractHttpConfigurer::disable)