refactor: CORS 설정 AllowedHeaders 추가

HandTris · Jul 12, 2024 · ade6015 · ade6015
1 parent e898bd3
commit ade6015
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/main/java/jungle/HandTris/global/config/WebConfig.java b/src/main/java/jungle/HandTris/global/config/WebConfig.java
@@ -29,7 +29,7 @@ public void addCorsMappings(CorsRegistry registry) {
                 registry.addMapping("/**")
                         .allowedOrigins("http://localhost:3000", "https://handtris.vercel.app")
                         .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
-                        .allowedHeaders("content-type", "authorization", "x-requested-with")
+                        .allowedHeaders("content-type", "Authorization", "Authorization-Refresh", "x-requested-with")
                         .exposedHeaders("Set-Cookie")
 //                        .exposedHeaders("content-type", "x-requested-with")
                         .allowCredentials(true);

diff --git a/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java b/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java
@@ -76,7 +76,7 @@ CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
         configuration.setAllowedOrigins(Arrays.asList("http://localhost:3000", "https://handtris.vercel.app"));
         configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
-        configuration.setAllowedHeaders(Arrays.asList("content-type", "authorization", "x-requested-with"));
+        configuration.setAllowedHeaders(Arrays.asList("content-type", "Authorization", "Authorization-Refresh", "x-requested-with"));
         configuration.setAllowCredentials(true);
         configuration.setExposedHeaders(Collections.singletonList("Set-Cookie"));
         configuration.setExposedHeaders(Collections.singletonList("Authorization"));