kotlin spring security cors 세팅해주기
@Bean
fun filterChain(http: HttpSecurity): SecurityFilterChain {
http.cors().configurationSource(corsConfigurationSource())
.and().csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
http.headers().frameOptions().disable()
http.headers().xssProtection().disable()
return http.build()
}
@Bean
fun corsConfigurationSource(): CorsConfigurationSource {
val configuration = CorsConfiguration()
configuration.allowedOrigins = listOf("http://localhost:8080", "http://localhost:3000", "http://localhost:8081")
configuration.allowedMethods = listOf("GET", "POST", "PUT", "DELETE")
configuration.allowedHeaders = listOf("Origin", "X-Requested-With", "Content-Type", "Authorization", "Oauth-Token")
configuration.maxAge = 3000L
configuration.allowCredentials = true
val source = UrlBasedCorsConfigurationSource()
source.registerCorsConfiguration("/**", configuration)
return source
}
개발자로 입사했지만 정체성을 잃어가는중... 다시 준비 시작이다..