cors fix

api-module/src/main/java/com/tzld/piaoquan/api/config/CrossOriginConfig.java

@@ -23,11 +23,11 @@ public class CrossOriginConfig implements WebMvcConfigurer {
 
     @Override
     public void addCorsMappings(CorsRegistry registry) {
-        //registry.addMapping("/**")
-        //        .allowedOrigins("*")
-        //        .allowedMethods("*")
-        //        .maxAge(3600)
-        //        .allowCredentials(false);
+        registry.addMapping("/**")
+                .allowedOrigins("*")
+                .allowedMethods("POST", "GET", "PUT", "OPTIONS", "DELETE")
+                .maxAge(3600)
+                .allowCredentials(false);
     }
 
 }

api-module/src/main/java/com/tzld/piaoquan/api/config/JwtInterceptor.java

@@ -46,9 +46,9 @@ public class JwtInterceptor implements HandlerInterceptor {
         if (HttpMethod.OPTIONS.name().equals(request.getMethod())) {
             response.setStatus(HttpServletResponse.SC_OK);
             response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
-            response.setHeader("Access-Control-Allow-Credentials", "false");
-            response.setHeader("Access-Control-Allow-Methods", "*");
-            response.setHeader("Access-Control-Allow-Headers", "Content-Type,token,Authorization");
+            response.setHeader("Access-Control-Allow-Credentials", "true");
+            response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
+            response.setHeader("Access-Control-Allow-Headers", "Content-Type,token,Authorization,X-Requested-With");
             response.setHeader("Access-Control-Max-Age", "3600");
             return true;
         }