3
我有一個在localhost上運行的角度編寫的前端:3002。 我有一個用localhost:8080運行的Spring-boot編寫的後端。JSESSIONID Cookie不存儲
我添加了一個過濾器來處理CORS(我發現SO和適應我的需要):
@Component
public class CORSFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "http://localhost:3002");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
chain.doFilter(request, response);
}
public void destroy() {}
}
當我認證,我可以看到服務器發送一個cookie:
此cookie不隨下列請求一起發送。這導致401點回應:
我看着鉻控制檯的「資源」面板,並發現沒有Cookie保存。
任何想法?