fix(ai): 优化cors配置

2025-05-30 10:30:27 +08:00
parent 0ceb5d7fc3
commit 29859664e3
2 changed files with 1 additions and 39 deletions
--- a/service-ai/service-ai-core/src/main/java/com/lanyuanxiaoyao/service/ai/core/configuration/WebConfiguration.java
+++ b/service-ai/service-ai-core/src/main/java/com/lanyuanxiaoyao/service/ai/core/configuration/WebConfiguration.java
@@ -1,24 +0,0 @@
-package com.lanyuanxiaoyao.service.ai.core.configuration;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-/**
- * web 配置
- *
- * @author lanyuanxiaoyao
- * @date 2023-04-21
- */
-@Configuration
-public class WebConfiguration implements WebMvcConfigurer {
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        // 避免跨域影响调试
-        registry.addMapping("/**")
-                .allowedOriginPatterns("*")
-                .allowCredentials(true)
-                .allowedMethods("*")
-                .maxAge(3600);
-    }
-}
--- a/service-ai/service-ai-core/src/main/java/com/lanyuanxiaoyao/service/configuration/SecurityConfig.java
+++ b/service-ai/service-ai-core/src/main/java/com/lanyuanxiaoyao/service/configuration/SecurityConfig.java
@@ -12,9 +12,6 @@ import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

 /**
 * @author lanyuanxiaoyao
@@ -29,23 +26,12 @@ public class SecurityConfig {
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    return http.authorizeHttpRequests(registry -> registry.anyRequest().authenticated())
        .httpBasic(Customizer.withDefaults())
+        .cors(AbstractHttpConfigurer::disable)
        .csrf(AbstractHttpConfigurer::disable)
-        .cors(configurer -> configurer.configurationSource(corsConfigurationSource()))
        .formLogin(AbstractHttpConfigurer::disable)
        .build();
  }

-  private CorsConfigurationSource corsConfigurationSource() {
-    CorsConfiguration configuration = new CorsConfiguration();
-    configuration.setAllowCredentials(true);
-    configuration.addAllowedHeader("*");
-    configuration.addAllowedMethod("*");
-    configuration.addAllowedOriginPattern("*");
-    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-    source.registerCorsConfiguration("/**", configuration);
-    return source;
-  }
-
  @Bean
  public InMemoryUserDetailsManager userDetailsService(SecurityProperties securityProperties) {
    UserDetails user = User.builder()