When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that canno

t be used in conjunction with credentials. Instead, you must specify the exact origins allowed to access the resource with credentials. This is because the Access-Control-Allow-Origin header, which is used to indicate allowed origins, must match the Origin header sent by the client. When credentials are involved, the Origin header is not sent if the allowed origins are set to “*“, which prevents the server from verifying the origin of the request. Therefore, to use credentials, you must specify the exact allowed origins.

相关问题

When allowCredentials is true, allowedOrigins cannot contain the special value "*"

当`allowCredentials`为`true`时，`allowedOrigins`不能包含特殊值"*"，因为它不能设置在"Access-Control-Allow-Origin"响应头中。[1]<span class="em">1</span><span class="em">2</span><span class="em">3</span>
#### 引用[.reference_title]
- *1* *3* [SpringBoot跨域问题：When allowCredentials is true, allowedOrigins cannot contain the special value ...](https://blog.csdn.net/qq_62767608/article/details/127416933)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"]
- *2* [【解决】When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since](https://blog.csdn.net/m0_55710969/article/details/123626123)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"]
[ .reference_list ]

When allowCredentials is true, allowedOrigins cannot contain the special value \"*\

引用和提到了一个关于跨域设置的问题，即当allowCredentials为true时，allowedOrigins不能包含特殊值"*"，因为这不能在"Access-Control-Allow-Origin"响应头中设置。为了允许一组来源的凭据，需要明确列出它们，或者考虑使用"allowedOriginPatterns"代替。引用是一个关于此问题的博客文章链接。因此，当allowCredentials为true时，allowedOrigins不能包含特殊值"*"。<span class="em">1</span><span class="em">2</span><span class="em">3</span>
#### 引用[.reference_title]
- *1* *3* [SpringBoot跨域问题：When allowCredentials is true, allowedOrigins cannot contain the special value ...](https://blog.csdn.net/qq_62767608/article/details/127416933)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT0_1"}}] [.reference_item style="max-width: 50%"]
- *2* [When allowCredentials is true, allowedOrigins cannot contain the special value “*“ since that ...](https://blog.csdn.net/qq_59312178/article/details/126538648)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT0_1"}}] [.reference_item style="max-width: 50%"]
[ .reference_list ]