Welcome toVigges Developer Community-Open, Learning,Share
Ask a Question
Welcome To Ask or Share your Answers For Others

Categories

vue cli每次请求sessionId都不同,已经配置withCredentials

0 votes
1.1k views
in Technique[技术] by (71.8m points)

vue cli每次请求sessionId都不同,已经配置withCredentials

前端的main.js:

axios.defaults.withCredentials=true;

后端的跨域处理:

@Configuration
public class CorsConfig {
 @Bean
 public CorsWebFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedMethod("*");
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.setMaxAge(3600L);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
        source.registerCorsConfiguration("/**", config);
        return new CorsWebFilter(source);
    }
}

但是每次请求的sessionId还是不同,axios.defaults.withCredentials=true; 加和没加一个效果

@vue/cli 4.5.7
springboot:2.3.4

源是http://localhost:8080
目的是http://127.0.0.1:9090
没有跨域的告警,就是每次sessionId都不一样
这个也试了,一样无效
config.addAllowedOrigin("http://localhost:8080/");

难道是本地测试环境的问题?
我找到一个和我应该是一样的问题
https://bbs.csdn.net/topics/3...


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points) 
 config.addAllowedOrigin("*");  这里不对

对于附带身份凭证的请求,服务器不得设置 Access-Control-Allow-Origin 的值为“*”。 这个需要设置成你具体请求的源


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to Vigges Developer Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

2.1m questions

2.1m answers

63 comments

56.5k users

Most popular tags

Snow Theme by Q2A Market
Powered by Question2Answer
...