From aa0a787e3fceb525c72dec0cd1496a67902ffaa2 Mon Sep 17 00:00:00 2001
From: litianxiang <litianxiangxtt@163.com>
Date: Tue, 2 Dec 2025 14:27:31 +0800
Subject: [PATCH] =?UTF-8?q?dev=E8=B7=A8=E5=9F=9F=E9=97=AE=E9=A2=98?=
 =?UTF-8?q?=E5=88=9D=E6=AD=A5=E9=AA=8C=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/ai/da/common/security/config/SecurityConfig.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
index b5fce9f2..5473978e 100644
--- a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
+++ b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
@@ -7,6 +7,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -57,7 +58,7 @@ public class SecurityConfig {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
         httpSecurity
-                .cors(AbstractHttpConfigurer::disable)
+                .cors(Customizer.withDefaults())
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers(securityProperties.getIgnorePaths()).permitAll()
                         .anyRequest().authenticated()
@@ -75,7 +76,6 @@ public class SecurityConfig {
                         .successHandler(userLoginSuccessHandler)
                         .failureHandler(userLoginFailureHandler)
                 )
-                .cors(AbstractHttpConfigurer::disable)
                 .csrf(AbstractHttpConfigurer::disable)
                 .sessionManagement(session -> session
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS)