Spring boot 使用spring云网关时出现Cors错误
现在,我已经花了三天的时间研究它。但我想是时候寻求帮助了。我正在使用SpringCloudGateway,我有一个使用SpringSecurity的用户管理服务。我面临的问题是,每当我通过spring cloud gateway发送请求时,我都会收到以下cors错误:Spring boot 使用spring云网关时出现Cors错误,spring-boot,spring-security,spring-cloud-gateway,Spring Boot,Spring Security,Spring Cloud Gateway,现在,我已经花了三天的时间研究它。但我想是时候寻求帮助了。我正在使用SpringCloudGateway,我有一个使用SpringSecurity的用户管理服务。我面临的问题是,每当我通过spring cloud gateway发送请求时,我都会收到以下cors错误: Access to fetch at 'http://172.16.0.241:8080/user-management/signin' from origin 'http://172.16.0.191:3006' has bee
Access to fetch at 'http://172.16.0.241:8080/user-management/signin' from origin 'http://172.16.0.191:3006' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '*, http://172.16.0.191:3006', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
但是如果我直接点击用户管理服务,它就可以正常工作。这就是我的webconfig在usermanagement中的样子(我使用的是SpringSecurity)
这是api网关中的YAML文件:
sara:
app:
jwtExpirationMs: 86400000
jwtSecret: userserviceSecretKey
server:
port: 8080
# spring:
# application:
# name: sara-api-gateway
# cloud:
# gateway:
# routes:
# - id: extract-service
# uri: lb://sara-extract-service
# predicates:
# - Path=/extract-service/**
spring:
cloud:
gateway:
routes:
- id: user-management
uri: lb://User-service
predicates:
- Path=/user-management/**
filters:
- CustomFilter
- id: extract-service
uri: lb://sara-extract-service
predicates:
- Path=/extract-service/**
# filters:
# - CustomFilter
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods: "*"
allowedHeaders: "*"
这是前端的“获取请求”选项:
const requestOptions = {
method: 'POST',
headers: { 'Content-Type': 'application/json',
'Access-Control-Allow-Origin':'*'
},
mode:'cors',
body: JSON.stringify(requestBody)
};
我可以告诉你我尝试了什么,但此时我的头脑已经变得模糊,我最好的猜测是,要么我没有在我的用户管理服务中正确配置webconfig文件(Cors和csrf被禁用),要么Spring cloud gateway正在修改请求并将其传递到下游,因为我得到了这个错误
调查结果:
- 有一个提取服务可以通过api网关正常运行
- 如果我使用Moseif cors扩展,我可以通过api网关发送请求,并且它可以工作
- 如果我直接向我的用户管理服务发送请求,它就会工作
const requestOptions = {
method: 'POST',
headers: { 'Content-Type': 'application/json',
'Access-Control-Allow-Origin':'*'
},
mode:'cors',
body: JSON.stringify(requestBody)
};