HOTFIX: CORS 설정 추가

Leets-Official · Jul 31, 2024 · 80af3ac · 80af3ac
1 parent 6bf63ad
commit 80af3ac
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/main/java/com/leets/commitatobe/global/config/SecurityConfig.java b/src/main/java/com/leets/commitatobe/global/config/SecurityConfig.java
@@ -42,7 +42,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .loginPage("/login/github"))
                 .authorizeHttpRequests((authorize) ->
                         authorize
-                                .requestMatchers("/", "/v3/api-docs/**", "/swagger-ui/**",
+                                .requestMatchers("/", "/v3/api-docs/**", "/swagger-ui/**", "/commit/**",
                                         "/login/**", "/auth/**", "/h2-console/**", "/error/**").permitAll()
                                 .anyRequest().authenticated()
                 )
@@ -69,6 +69,7 @@ CorsConfigurationSource corsConfigurationSource() {
         configuration.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
         configuration.setAllowCredentials(true);
         configuration.setAllowedHeaders(List.of("*"));
+        configuration.setExposedHeaders(Arrays.asList("Authorization, Authorization-refresh"));
 
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", configuration);