Angular 6 does not add X-XSRF-TOKEN header to http request

前端未结

关注

 7  2075

忘了有多久 2020-12-02 21:06

I\'ve read the docs and all the related questions on SO, but still Angular\'s XSRF mechanism isn\'t working for me: in no way I can make a POST request with the X-XSRF-TOKEN

7条回答

眼角桃花 (楼主)

2020-12-02 21:07

Slightly off topic, but for others who come here, I resolved this issue in the back end by the following (for spring-boot)

     /**
     * CORS config - used by cors() in configure() DO NOT CHANGE the METDHO NAME
     * 
     * @return
     */
    @Bean()
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Lists.newArrayList("http://localhost:4200"));
        configuration.setAllowedMethods(Lists.newArrayList("GET", "POST", "OPTIONS"));
        configuration.setAllowCredentials(true);
        configuration.setAllowedHeaders(Lists.newArrayList("x-xsrf-token", "XSRF-TOKEN"));
        configuration.setMaxAge(10l);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }

0 讨论(0)

查看其它7个回答