CORS setting

prd/src/main/java/site/ocr/prd/SecurityConfig.java

@@ -0,0 +1,33 @@
+package site.ocr.prd;
+
+import java.util.List;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.cors(cors -> {
+            CorsConfigurationSource configurationSource = request -> {  //되게 스크립트같다...
+                CorsConfiguration configuration = new CorsConfiguration();
+                //여러개 추가할거면 addAllowd~가 아니라 setAllowedOrigins 사용하기
+                configuration.setAllowedOrigins(List.of("http://localhost:3000"));
+                configuration.setAllowedMethods(List.of("GET","POST", "PUT","DELETE","OPTION"));
+                configuration.setAllowedHeaders(List.of("*"));
+                return configuration;
+            };
+            cors.configurationSource(configurationSource);
+        })
+        .csrf(AbstractHttpConfigurer::disable); //대체 언제 이런 문법이 생겼냐;
+        return http.build();
+    }
+
+}

prd/src/main/java/site/ocr/prd/WebConfig.java

@@ -1,16 +0,0 @@
-package site.ocr.prd;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-@Configuration
-public class WebConfig implements WebMvcConfigurer {
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**")
-                .allowedOrigins("http://localhost:3000")
-                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
-                .allowCredentials(true);
-    }
-}