springboot 2.4跨域變化和swagger結合的問題

前言

最近升級老項目,springboot2.2升級2.x最新版,升級項目本身升級很正常,畢竟springboot升級3.x以下,升級3.x需要spring6.x,需要jdk17.但是升級的項目在自測時正常,一旦真正測試就報跨域問題了。排查才發現原來是springboot對跨域做了改變,但是自測時開啟了swagger,swagger有跨域邏輯,且是正確的,spring使用map存儲,相同路徑匹配會被替換,所以兜底了,隱藏了問題😅。其實應該升級到最新版,因為以后升級最新版需要升級JDK17,這個就問題嚴重了,很多兼容性問題,但是畢竟時間有要求,只能過度了。

實際上跨域的原理非常簡單,很多時候架構設計時,可以把跨域給nginx來做,降低后端應用的復雜度。

問題分析

springboot2.7.x示例,增加跨域和swagger,實際上也是無奈之舉,springboot的免費維護版本已經有安全漏洞了,無奈JDK8->17升級代價巨大。

示例

pom

        <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId><version>2.7.18</version></dependency>

代碼,隨意寫

@SpringBootApplication
public class Main {public static void main(String[] args) {SpringApplication.run(Main.class, args);}@GetMapping("/hello")public String demo(){return "hello";}
}

跨域代碼

@Configuration
public class WebConfig implements WebMvcConfigurer {@Overridepublic void addCorsMappings(CorsRegistry registry) {registry.addMapping("/**").allowedOrigins("*").allowedMethods("*").maxAge(3600).allowCredentials(true);}
}

啟動沒什么問題,但是一旦訪問任意接口,即使不跨域訪問

2025-08-09 15:27:52.571 ERROR 1513 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.] with root causejava.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) ~[tomcat-embed-websocket-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]2025-08-09 15:27:52.573 ERROR 1513 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] threw exceptionjava.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:661) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:427) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:357) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:294) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:377) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:237) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:323) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]2025-08-09 15:27:52.574 ERROR 1513 --- [nio-8080-exec-3] o.a.c.c.C.[Tomcat].[localhost]           : Exception Processing ErrorPage[errorCode=0, location=/error]org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:661) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:427) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:357) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:294) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:377) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:237) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:323) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]
Caused by: java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]... 36 common frames omitted2025-08-09 15:27:52.765 ERROR 1513 --- [nio-8080-exec-4] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.] with root causejava.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) ~[tomcat-embed-websocket-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]2025-08-09 15:27:52.769 ERROR 1513 --- [nio-8080-exec-4] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] threw exceptionjava.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:661) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:427) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:357) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:294) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:377) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:237) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:323) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]2025-08-09 15:27:52.771 ERROR 1513 --- [nio-8080-exec-4] o.a.c.c.C.[Tomcat].[localhost]           : Exception Processing ErrorPage[errorCode=0, location=/error]org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.3.31.jar:5.3.31]at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) ~[tomcat-embed-core-9.0.83.jar:4.0.FR]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:102) ~[spring-web-5.3.31.jar:5.3.31]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:661) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:427) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:357) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:294) ~[tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:377) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:237) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:323) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-embed-core-9.0.83.jar:9.0.83]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.83.jar:9.0.83]at java.lang.Thread.run(Thread.java:750) [na:1.8.0_451]
Caused by: java.lang.IllegalArgumentException: When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.at org.springframework.web.cors.CorsConfiguration.validateAllowCredentials(CorsConfiguration.java:495) ~[spring-web-5.3.31.jar:5.3.31]at org.springframework.web.servlet.handler.AbstractHandlerMapping.getHandler(AbstractHandlerMapping.java:532) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.getHandler(DispatcherServlet.java:1266) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1048) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:965) ~[spring-webmvc-5.3.31.jar:5.3.31]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.3.31.jar:5.3.31]... 36 common frames omitted

霹靂吧啦說了一堆,就一句話

When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.

兩種辦法,任選一即可:

1. 不使用*

2. 用allowedOriginPatterns設置

原理分析

這個判斷檢查來源spring 5.3開始,而之所以是springboot2.4開始,是因為springboot2.4引入了spring5.3:https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes

來源于:https://github.com/spring-projects/spring-framework/wiki/Spring-Framework-5.3-Release-Notes

分析源碼也很簡單

看看怎么校驗的

swagger影響

那么看看swagger怎么處理的,實際上swagger也是跨域配置的,比如我們集成swagger。實際上跟swagger本身無關,原因可以是swagger,也可以是其他中間件,只要配置了跨域且正確并在我們自定義跨域的后面的handler即可。

swagger3.0

        <dependency><groupId>io.springfox</groupId><artifactId>springfox-swagger2</artifactId><version>3.0.0</version><exclusions><exclusion><artifactId>jackson-annotations</artifactId><groupId>com.fasterxml.jackson.core</groupId></exclusion></exclusions></dependency><dependency><groupId>io.springfox</groupId><artifactId>springfox-boot-starter</artifactId><version>3.0.0</version></dependency>

寫swagger加載邏輯,重點在swagger跨域配置,這個一定要支持spring5.3,要寫對,比較swagger一般封裝為中間件提供。

swagger3.0在springboot2.6開始的報錯:

org.springframework.context.ApplicationContextException: Failed to start bean 'documentationPluginsBootstrapper'; nested exception is java.lang.NullPointerException...

這個搜索自行解決:可以通過application.yaml配置如下規避

spring:mvc:pathmatch:matching-strategy: ant_path_matcher

此時集成swagger后就可以正常訪問了

原因分析

在org.springframework.web.servlet.config.annotation.WebMvcConfigurerComposite

處理跨域的配置

可以看到swagger的跨域相關的配置是靠后的,其中并不是所有的實現都設置了跨域mapping的,這里的場景只有中間代碼自定義2個實現配置了跨域mapping。所以跨域必然在這2個,按照先后順序加入map中,因為key是相同的,所以,只有swagger的自定義跨域生效。

如果覆寫方法,默認使用接口方法,即什么都不做。

繼續看看最終的效果生效的地方

org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport

其實從spring4.2就是這個邏輯了,只不過從spring5.3把校驗邏輯變了,所以以前不存在任何問題,但是校驗邏輯一變,相同路徑的跨域規則,按照字母加載順序,后面的規則會覆蓋前面的,如果開啟根據配置(環境不同要求不同)加載跨域配置bean的邏輯,那么就會出現很難理解的問題。

至此真相大白。

總結

實際上是spring5.3修改了代碼邏輯,原來的配置已經變了,老配置還可以用,但是校驗不能使用*,只不過是因為在springboot2.4開始集成spring5.3,所以網上都是springboot2.4出現問題,實際上springboot2.4~2.7都是spring5.3.x,是最后最小支持JDK8的版本了。但是因為spring5.3的開源支持策略已經結束,所以一定是升級JDK17的,已經沒有必要升級JDK11了。筆者遇到的這個問題之所以自測沒出現是因為自定義swagger跨域的定制的緣故,跨域配置加載是有順序的,swagger的跨域配置加載順序靠后,spring使用map存儲的,key為路徑表達式,所以一旦swagger加載關閉就現原形了,其實和swagger本身無關,與中間件的跨域配置加載順序有關。

其實springboot中有一個關鍵改動:自動裝配,這個才是一個非常關鍵的改變,影響極大,只不過現在還兼容了以前的裝配模式,所以暫時沒影響。

本文來自互聯網用戶投稿,該文觀點僅代表作者本人,不代表本站立場。本站僅提供信息存儲空間服務,不擁有所有權,不承擔相關法律責任。
如若轉載,請注明出處:http://www.pswp.cn/news/918162.shtml
繁體地址,請注明出處:http://hk.pswp.cn/news/918162.shtml
英文地址,請注明出處:http://en.pswp.cn/news/918162.shtml

如若內容造成侵權/違法違規/事實不符,請聯系多彩編程網進行投訴反饋email:809451989@qq.com,一經查實,立即刪除!

相關文章

AWT 基本組件深入淺出:Button/Label/TextField/Checkbox/Choice/List 全面實戰與性能優化

AWT 基本組件深入淺出:Button/Label/TextField/Checkbox/Choice/List 全面實戰與性能優化

Java AWT 基本組件的原理與用法&#xff0c;提供可運行示例、布局最佳實踐、事件處理與“性能優化”建議&#xff0c;幫助你快速構建穩定的桌面界面。 Java AWT, GUI, Button, Label, TextField, Checkbox, CheckboxGroup, Choice, List, 事件處理, 布局管理器, 性能優化 AWT…
閱讀更多...
邏輯回歸詳解:原理、應用與實踐

邏輯回歸詳解:原理、應用與實踐

邏輯回歸詳解&#xff1a;原理、應用與實踐1. 邏輯回歸的基本原理1.1 線性回歸部分1.2 Sigmoid函數1.3 決策邊界2. 邏輯回歸的損失函數3. 邏輯回歸的應用場景4. 邏輯回歸的優缺點4.1 優點4.2 缺點5. 使用scikit-learn實現邏輯回歸6. 邏輯回歸的改進與擴展6.1 正則化6.2 多分類擴…
閱讀更多...
嵌入式硬件接口總結

嵌入式硬件接口總結

嵌入式系統的核心在于其硬件與軟件的無縫協作&#xff0c;而硬件接口是實現這種協作的物理和邏輯橋梁。它們定義了微控制器、處理器、傳感器、執行器、存儲器以及其他外設之間如何交換數據、電信號和控制信息。 核心概念 接口的定義&#xff1a; 兩個獨立系統或組件之間進行通信…
閱讀更多...
《算法導論》第 14 章 - 數據結構的擴張

《算法導論》第 14 章 - 數據結構的擴張

大家好&#xff01;今天我們來深入學習《算法導論》第 14 章 —— 數據結構的擴張。這一章主要介紹了如何基于現有數據結構&#xff08;如二叉搜索樹&#xff09;擴展出新的功能&#xff0c;以滿足更復雜的問題需求。我們會從動態順序統計樹講到區間樹&#xff0c;每個知識點都…
閱讀更多...
Vue 3.6 Vapor模式完全指南:告別虛擬DOM,性能飛躍式提升

Vue 3.6 Vapor模式完全指南:告別虛擬DOM,性能飛躍式提升

什么是 Vapor 定義: Vue 3.6 新增的編譯/渲染模式&#xff0c;不再構建/對比虛擬 DOM&#xff0c;而是將模板編譯為“直達 DOM 的更新代碼”&#xff0c;以更低內存與更快更新獲得接近 Solid/Svelte 的性能。特點更快: 跳過 VDOM 創建與 diff&#xff0c;直接按依賴精準更新。…
閱讀更多...
Java類和對象課上練習題目設計

Java類和對象課上練習題目設計

我們可以做一個簡易銀行賬戶類&#xff0c;支持存款、取款、查看交易記錄等。 示例&#xff1a;BankAccount 類 java 復制 編輯 public class BankAccount { private String accountNumber; // 賬號 private String ownerName; // 開戶人姓名 private double balance; …
閱讀更多...
Python數據雙效處理:同步轉換與換算的高級技術與工程實踐

Python數據雙效處理:同步轉換與換算的高級技術與工程實踐

引言&#xff1a;轉換與換算在現代數據處理中的核心價值在大數據與實時處理需求激增的時代&#xff0c;高效的數據處理方案成為核心競爭力。根據2025年Python數據工程調查報告&#xff1a;75%的數據處理任務需要同時執行轉換和換算操作優化良好的雙效處理可提升3-8倍性能關鍵應…
閱讀更多...
Go語言實戰案例:文件上傳服務

Go語言實戰案例:文件上傳服務

在 Web 開發中&#xff0c;文件上傳 是常見需求&#xff0c;例如頭像上傳、文檔存儲、圖片分享等功能。Go 語言的標準庫 net/http 已經內置了對 multipart/form-data 類型的支持&#xff0c;能讓我們輕松構建一個文件上傳服務。本文將帶你實現一個可運行的文件上傳接口&#xf…
閱讀更多...
【Lua】常用的庫

【Lua】常用的庫

os庫&#xff1a;os.time() -- 輸出當前時間的時間戳 os.time({year 2014, month 8, day 14}) -- 獲取指定時間的時間戳local nowTime os.date("*t") -- 以表的形式獲取當前的時間信息for k,v in pairs(nowTime) doprint(k,v) end--以上for循環示例輸出 {year 2…
閱讀更多...
Mac上安裝和配置MySQL(使用Homebrew安裝MySQL 8.0)

Mac上安裝和配置MySQL(使用Homebrew安裝MySQL 8.0)

在Mac上安裝MySQL是一個簡單高效的過程&#xff0c;尤其是通過Homebrew這一強大的包管理工具。本文將詳細介紹如何在macOS 15.6系統中使用Homebrew安裝MySQL 8.0版本&#xff0c;并完成基本配置&#xff0c;幫助您快速啟動并安全使用MySQL。1. 安裝Homebrew&#xff08;若未安裝…
閱讀更多...
【Datawhale AI夏令營】從Baseline到SOTA:深度剖析金融問答RAG管道優化之路

【Datawhale AI夏令營】從Baseline到SOTA:深度剖析金融問答RAG管道優化之路

從Baseline到SOTA&#xff1a;深度剖析金融問答RAG管道優化之路 引言 檢索增強生成&#xff08;Retrieval-Augmented Generation, RAG&#xff09;已成為構建知識密集型AI應用的事實標準 1。然而&#xff0c;從一個簡單的“hello world”級別的RAG&#xff0c;進化到一個能在競…
閱讀更多...
AI鑒偽技術:守護數字時代的真實性防線

AI鑒偽技術:守護數字時代的真實性防線

文章目錄一、引言&#xff1a;AI偽造技術的“數字病毒”與鑒偽技術的“免疫疫苗”二、合合信息三大AI鑒偽技術解析2.1 人臉視頻鑒偽技術&#xff1a;毫秒級擊穿“數字假面”2.1.1 技術突破&#xff1a;從“像素級標記”到“多模態交叉驗證”2.2 AIGC圖像鑒別技術&#xff1a;讓…
閱讀更多...
論文reading學習記錄7 - daily - ViP3D

論文reading學習記錄7 - daily - ViP3D

文章目錄前言一、題目和摘要二、引言三、相關工作四、方法五、訓練前言 開沖&#xff0c;清華大學的&#xff0c;帶HDmap的端論文&#xff0c;用的Query&#xff0c;和UniAD一樣。 一、題目和摘要 ViP3D: End-to-end Visual Trajectory Prediction via 3D Agent Queries ViP3…
閱讀更多...
Java學習第一百零九部分——Jenkins(一)

Java學習第一百零九部分——Jenkins(一)

目錄 一、前言簡介 二、核心價值與優勢 三、關鍵概念 四、下載安裝與配置 五、總結歸納概述 一、前言簡介 Jenkins 是一個開源的、基于 Java 的自動化服務器。它的核心使命是實現持續集成和持續交付。簡單來說&#xff0c;Jenkins 是一個強大的工具&#xff0c;用于自動化…
閱讀更多...
微算法科技(NASDAQ:MLGO)使用循環QSC和QKD的量子區塊鏈架構,提高交易安全性和透明度

微算法科技(NASDAQ:MLGO)使用循環QSC和QKD的量子區塊鏈架構,提高交易安全性和透明度

隨著量子計算技術的快速發展&#xff0c;傳統區塊鏈所依賴的加密算法面臨著被破解的潛在風險。量子計算的強大計算能力可能會在未來打破現有加密體系的安全性&#xff0c;從而對區塊鏈中的交易數據造成威脅。為了應對這一挑戰&#xff0c;將量子技術與區塊鏈相結合成為了必然的…
閱讀更多...
MyBatis SQL映射與動態SQL:構建靈活高效的數據訪問層 MyBatis SQL映射與動態SQL:構建靈活高效的數據訪問層

MyBatis SQL映射與動態SQL:構建靈活高效的數據訪問層 MyBatis SQL映射與動態SQL:構建靈活高效的數據訪問層

&#x1f504; MyBatis SQL映射與動態SQL&#xff1a;構建靈活高效的數據訪問層 &#x1f680; 引言&#xff1a;動態SQL是MyBatis框架的核心優勢之一&#xff0c;它讓我們能夠根據不同條件動態構建SQL語句&#xff0c;避免了傳統JDBC中大量的字符串拼接。本文將深入解析MyBati…
閱讀更多...
v-model雙向綁定指令

v-model雙向綁定指令

文章目錄前言v-model.lazy 延遲同步v-model.trim 去掉空格前言 v-model指令是Vue.js中實現雙向數據綁定的一種重要機制。它可以將表單控件的值與Vue.js實例中的數據進行雙向綁定&#xff0c;即當表單控件的值發生變化時&#xff0c;Vue.js實例中的數據也會隨之更新&#xff0c…
閱讀更多...
電腦IP地址是“169.254.x.x”而無法上網的原因

電腦IP地址是“169.254.x.x”而無法上網的原因

一、核心原因&#xff1a;自動私有 IP 地址&#xff08;APIPA&#xff09;的啟用APIPA 機制&#xff1a;這是 Windows 等操作系統內置的一種 “備用方案”。當電腦設置為 “自動獲取 IP 地址”&#xff08;通過 DHCP 協議&#xff09;&#xff0c;但無法從路由器、光貓等網絡設…
閱讀更多...
單片機存儲區域詳解

單片機存儲區域詳解

目錄 單片機內存區域劃分 boot引腳啟動介紹 1. boot引腳的三大啟動區域介紹 1.用戶閃存(User Flash) - 最常用模式 2. 系統存儲區(System Memory) - 出廠預置Bootloader區 3. 內置SRAM啟動(RAM Boot) - 特殊調試模式 2.用戶閃存(User Flash)內存管理詳解 一、用戶閃存中…
閱讀更多...
Go語言實戰案例:簡易JSON數據返回

Go語言實戰案例:簡易JSON數據返回

在現代 Web 應用中&#xff0c;JSON 已成為前后端通信的主流數據格式。Go 語言標準庫內置對 JSON 的良好支持&#xff0c;只需少量代碼就能返回結構化的 JSON 響應。本篇案例將手把手帶你完成一個「返回 JSON 數據的 HTTP 接口」&#xff0c;幫助你理解如何用 Go 語言實現后端服…
閱讀更多...
最新文章

Copyright @ 2022~2023