diff --git a/src/main/java/Minari/cheongForDo/global/config/SecurityConfig.java b/src/main/java/Minari/cheongForDo/global/config/SecurityConfig.java index 67348d5..e68660a 100644 --- a/src/main/java/Minari/cheongForDo/global/config/SecurityConfig.java +++ b/src/main/java/Minari/cheongForDo/global/config/SecurityConfig.java @@ -17,6 +17,7 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import java.util.Arrays; +import java.util.List; @Configuration @EnableWebSecurity @@ -44,13 +45,29 @@ public SecurityFilterChain filterChain(HttpSecurity http, JwtUtils jwtUtils) thr return http.build(); } +// @Bean +// public CorsConfigurationSource corsConfigurationSource() { +// CorsConfiguration configuration = new CorsConfiguration(); +// configuration.addAllowedOriginPattern("*"); // 허용할 도메인 설정 +// configuration.setAllowedMethods(Arrays.asList("*")); +// configuration.setAllowedHeaders(Arrays.asList("*")); +// configuration.setAllowCredentials(true); +// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); +// source.registerCorsConfiguration("/**", configuration); +// return source; +// } + @Bean public CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); - configuration.addAllowedOriginPattern("*"); // 허용할 도메인 설정 - configuration.setAllowedMethods(Arrays.asList("*")); - configuration.setAllowedHeaders(Arrays.asList("*")); - configuration.setAllowCredentials(true); + configuration.setAllowedOrigins(Arrays.asList( + "https://minari.vercel.app", + "https://new-mirari-web-git-home-joshmoon827s-projects.vercel.app" + )); + configuration.setAllowedMethods(List.of("*")); + configuration.setAllowedHeaders(List.of("*")); + configuration.setAllowCredentials(true); // 쿠키/세션 전송 허용 + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", configuration); return source;