[Solved][CORS] Access to XMLHttpRequest at 'https://...' from origin 'https://...' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested reso..

문제상황

무사히 배포를 한 뒤에 프론트와 연결하자마자 뜬 에러. 

 

 

해결방법

 

기존에 했던 cors설정을 다 뒤엎었다.

 

[CorsConfig]

@Configuration
public class CorsConfig {

  @Bean
  public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowCredentials(true);
    configuration.addAllowedOriginPattern("*");
    configuration.addAllowedHeader("*");
    configuration.addAllowedMethod("*");

    source.registerCorsConfiguration("/**", configuration);
    return new CorsFilter(source);
  }
}

[Security Config]

@Bean
  public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http.addFilter(corsConfig.corsFilter());

    http.csrf().disable()
        .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .authorizeRequests()
//                .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
        .antMatchers("/**").permitAll()