@[TOC](Spring Security 中 Refused to execute script from ‘https://localhost:xxxx/xx.html’ because its MIME type (‘text/html’) is not executable, and strict MIME type checking is enabled.)

1. 原因

浏览器访问对应的资源没有权限

2. 解决方法

配置不拦截css、js等文件的请求

(1). 目录

(2). 配置

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests(req ->
            req.antMatchers(
                            "/login/assets/**",
                            "/index/js/**",
                            "/index/css/**",
                            "/index/images/**",
                            "/index/fonts/**")
                    .permitAll());
    http.formLogin(form ->
            form.loginPage("/login/login.html")
                    .loginProcessingUrl("/login")
                    .defaultSuccessUrl("/index/index.html")
                    .permitAll()
    ).authorizeRequests(req ->
                    req.antMatchers("/root","/user/login")
                            .permitAll()
                            .anyRequest()
                            .authenticated()
    ).exceptionHandling(exp ->
            exp.accessDeniedPage("/error.html")
    ).logout(out ->
                    out.logoutUrl("/logout")
                            .logoutSuccessUrl("/login/login.html")
    ).rememberMe(rememberMe ->
                    rememberMe.tokenRepository(persistentTokenRepository()) // 操作数据库对象
                    .tokenValiditySeconds(60) // 设置有效时间
                    .userDetailsService(userDetailsService)
    ).csrf(AbstractHttpConfigurer::disable);
}