From c07cd7d0a94bcd6af5a76e65fe32417f88a6d6f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EC=A0=95=EB=8F=99=ED=95=98?= Date: Fri, 10 Oct 2025 14:55:25 +0900 Subject: [PATCH] =?UTF-8?q?feat(be):=20cors=EC=84=A4=EC=A0=95=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/security/SecurityConfig.kt | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/src/main/kotlin/com/back/koreaTravelGuide/common/security/SecurityConfig.kt b/src/main/kotlin/com/back/koreaTravelGuide/common/security/SecurityConfig.kt index fda5b99..a6fc6d1 100644 --- a/src/main/kotlin/com/back/koreaTravelGuide/common/security/SecurityConfig.kt +++ b/src/main/kotlin/com/back/koreaTravelGuide/common/security/SecurityConfig.kt @@ -11,6 +11,9 @@ import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.http.SessionCreationPolicy import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter +import org.springframework.web.cors.CorsConfiguration +import org.springframework.web.cors.CorsConfigurationSource +import org.springframework.web.cors.UrlBasedCorsConfigurationSource @Configuration class SecurityConfig( @@ -27,6 +30,7 @@ class SecurityConfig( http { csrf { disable() } + cors { } formLogin { disable() } httpBasic { disable() } logout { disable() } @@ -78,4 +82,25 @@ class SecurityConfig( return http.build() } + + @Bean + fun corsConfigurationSource(): CorsConfigurationSource { + return UrlBasedCorsConfigurationSource().apply { + registerCorsConfiguration( + "/**", + CorsConfiguration().apply { + allowedOriginPatterns = + listOf( + "http://localhost:3000", + "http://localhost:63342", + // 배포주소 + ) + allowedMethods = listOf("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS") + allowedHeaders = listOf("*") + allowCredentials = true + maxAge = 3600 + }, + ) + } + } }