header过大引起的跨域失败

背景

前端Vue,后端Springboot,负载均衡Nginx,在Springboot配置跨域后,依然会出现跨域问题,Springboot跨域代码如下:

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class CorsConfig implements WebMvcConfigurer {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
            registry.addMapping("/**")
                    .allowedOrigins("*")
                    .allowCredentials(true)
                    .allowedMethods("GET", "POST", "DELETE", "PUT")
                    .maxAge(3600);
        }
}

但是有时会出现跨域问题,如下:

Access to XMLHttpRequest at 'http://xxx?pageIndex=1&pageSize=10' from origin 'http://xxx.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'http://xxx.com, *', but only one is allowed.

Access to XMLHttpRequest at 'http://xxx' from origin 'http://xxx.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'http://xxx.com, *', but only one is allowed.

排查过程

Nginx Header设置过小

默认情况下,/etc/nginx/nginx.conf文件中的header最大限制是8K,测试发现请求头8K一下时,是没问题的;
如果请求头超过8K,必然会出现400跨域问题

client_header_buffer_size 32k;
large_client_header_buffers 4 32k;

参考:https://www.jianshu.com/p/20a687873bf0

你可能感兴趣的:(header过大引起的跨域失败)