SpringBoot - CORS 해결방안

1. @CrossOrigin

- 인증X

@RestController
public class memberRestController {

	@CrossOrigin("localhost:3000")
    @PostMapping("/joinMember")
    public void joinMember(@RequestBody memberVO mem) {

    }
}

 

2. Security Filter 방식

- 시큐리티 필터에 등록 인증

CorsConfig

@Configuration
public class CorsConfig {

    @Bean
    public CorsFilter corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);       // 내 서버가 응답할 때 json을 JS에서 처리할 수 있게 설정
        config.addAllowedOrigin("*");           // 모든 ip에 응답을 허용
        config.addAllowedHeader("*");           // 모든 header에 응답 허용
        config.addAllowedMethod("*");           // 모든 post,get,put,delete,patch 요청허용
        source.registerCorsConfiguration("/**",config);
        return new CorsFilter(source);
    }

}

WebSecurityConfig

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private CorsFilter corsFilter;
    
    @Override
        protected void configure(HttpSecurity http) throws Exception {
                .addFilter(corsFilter)
        }
        
}

 

3. WebMvcConfigurer

@Configuration
public class WebMvcConfig implements WebMvcConfigurer {

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOrigins("http://localhost:3000")
                .allowedMethods("OPTIONS","GET","POST","PUT","DELETE")
                .allowedHeaders("*")
                .allowCredentials(true)
                .maxAge(3600);
    }
}