@[TOC](Spring Security 中 Refused to execute script from ‘https://localhost:xxxx/xx.html’ because its MIME type (‘text/html’) is not executable, and strict MIME type checking is enabled.)
1. 原因
浏览器访问对应的资源没有权限
2. 解决方法
配置不拦截css、js等文件的请求
(1). 目录
(2). 配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests(req ->
req.antMatchers(
"/login/assets/**",
"/index/js/**",
"/index/css/**",
"/index/images/**",
"/index/fonts/**")
.permitAll());
http.formLogin(form ->
form.loginPage("/login/login.html")
.loginProcessingUrl("/login")
.defaultSuccessUrl("/index/index.html")
.permitAll()
).authorizeRequests(req ->
req.antMatchers("/root","/user/login")
.permitAll()
.anyRequest()
.authenticated()
).exceptionHandling(exp ->
exp.accessDeniedPage("/error.html")
).logout(out ->
out.logoutUrl("/logout")
.logoutSuccessUrl("/login/login.html")
).rememberMe(rememberMe ->
rememberMe.tokenRepository(persistentTokenRepository()) // 操作数据库对象
.tokenValiditySeconds(60) // 设置有效时间
.userDetailsService(userDetailsService)
).csrf(AbstractHttpConfigurer::disable);
}