From bb8847031829f75c14688a96c9a6cd575537b54a Mon Sep 17 00:00:00 2001
From: bjkim <bjkim@cuuva.com>
Date: Mon, 1 Sep 2025 19:24:13 +0900
Subject: [PATCH] =?UTF-8?q?[MOD]=20jwt=20cors=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../re/etri/autoflow/common/WebConfiguration.java  | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/src/main/java/kr/re/etri/autoflow/common/WebConfiguration.java b/src/main/java/kr/re/etri/autoflow/common/WebConfiguration.java
index ec1a9e6..d8f1e77 100644
--- a/src/main/java/kr/re/etri/autoflow/common/WebConfiguration.java
+++ b/src/main/java/kr/re/etri/autoflow/common/WebConfiguration.java
@@ -12,16 +12,10 @@ public class WebConfiguration implements WebMvcConfigurer {
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
-                .allowedOriginPatterns("*") // allowedOrigins 대신 사용
-                .allowedMethods(
-                        HttpMethod.GET.name(),
-                        HttpMethod.HEAD.name(),
-                        HttpMethod.POST.name(),
-                        HttpMethod.PUT.name(),
-                        HttpMethod.DELETE.name()
-                )
-                .allowedHeaders("cuuva-jwt", "Content-Type", "Authorization")
-                .exposedHeaders("cuuva-jwt") // 응답 헤더 노출
+                .allowedOriginPatterns("http://localhost:3000", "http://10.10.11.144") // 허용할 Origin 지정
+                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+                .allowedHeaders("*") // 필요하면 "cuuva-jwt", "Content-Type", "Authorization" 명시 가능
+                .exposedHeaders("cuuva-jwt")
                 .allowCredentials(true)
                 .maxAge(3600);
     }