Merge pull request TeamMajorLink#79 from kimdavid0521/feat#71

cors 무시
kchaeeun · Aug 21, 2024 · f9fb8ed · f9fb8ed
2 parents 4e35d53 + 3a509fd
commit f9fb8ed
Showing 1 changed file with 10 additions and 9 deletions.
diff --git a/majorLink/src/main/java/com/example/majorLink/global/config/SecurityConfig.java b/majorLink/src/main/java/com/example/majorLink/global/config/SecurityConfig.java
@@ -31,15 +31,16 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
                 .httpBasic(AbstractHttpConfigurer::disable) // http form login 비활성화
                 .csrf(AbstractHttpConfigurer::disable) // csrf 필터 비활성화 -> cookies 사용하지 않으므로 위험 없음
-                .cors(cors -> cors
-                        .configurationSource(request -> {
-                            CorsConfiguration config = new CorsConfiguration();
-                            config.setAllowedOrigins(Arrays.asList("http://localhost:3000", "http://localhost:3001", "http://127.0.0.1:8080"));
-                            config.setAllowedMethods(Arrays.asList("GET", "POST", "DELETE", "PUT"));
-                            config.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type", "X-Auth-Token")); // 허용할 헤더 설정
-                            return config;
-                        })
-                )
+//                .cors(cors -> cors
+//                        .configurationSource(request -> {
+//                            CorsConfiguration config = new CorsConfiguration();
+//                            config.setAllowedOrigins(Arrays.asList("http://localhost:3000", "http://localhost:3001", "http://127.0.0.1:8080"));
+//                            config.setAllowedMethods(Arrays.asList("GET", "POST", "DELETE", "PUT"));
+//                            config.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type", "X-Auth-Token")); // 허용할 헤더 설정
+//                            return config;
+//                        })
+//                )
+                .cors(AbstractHttpConfigurer::disable) //cors 비활
                 .formLogin(AbstractHttpConfigurer::disable) // basic login 비활성화
                 .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // session 사용 X
                 .addFilterBefore(new JwtAuthenticationFilter(jwtService), UsernamePasswordAuthenticationFilter.class)