Access to XMLHttpRequest at 'http://localhost:8090/user/getotp' from origin 'http://localhost:63342' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Ajax跨域请求问题,设置一下属性就可以了,前端Ajax请求中添加
xhrFields: {withCredentials: true},
后端controller层添加@CrossOrigin(origins = "*", allowCredentials = "true")就可以访问了