使用@CrossOrigin(origins="*")時會有響應(yīng)頭Access-Control-Allow-Origin: *。這時前端設(shè)置withCredential 會報錯Failed to load http://localhost:8080/test: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://localhost:3000' is therefore not allowed access.
能否對所有的請求網(wǎng)站都設(shè)置對應(yīng)的響應(yīng)頭，如localhost:3000訪問就設(shè)置Access-Control-Allow-Origin: localhost:3000。