diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 8843735..25edcf0 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -4,7 +4,7 @@ on:
 branches:
 - "develop"
 - "main"
- - "hotfix/cd-script"
+ - "infra/https-config"
 pull_request:
 branches:
 - "develop"
diff --git a/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt b/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt
index 6ad99a7..0d0b5c8 100644
--- a/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt
+++ b/src/main/kotlin/retepmil/personal/dailysteady/common/security/config/WebConfig.kt
@@ -12,7 +12,7 @@ class WebConfig : WebMvcConfigurer {
 // CORS 설정
 override fun addCorsMappings(registry: CorsRegistry) {
 registry.addMapping("/**")
- .allowedOrigins("http://localhost:5173", "http://dailysteady.site/")
+ .allowedOrigins("http://localhost:5173", "https://dailysteady.site/")
 .allowedMethods("*")
 .allowCredentials(true)
 .exposedHeaders("*")
diff --git a/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt b/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt
index f4f9673..312f683 100644
--- a/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt
+++ b/src/main/kotlin/retepmil/personal/dailysteady/common/security/jwt/JwtTokenProvider.kt
@@ -125,7 +125,7 @@ class JwtTokenProvider(
 .value(refreshTokenValue)
 .path("/")
 .maxAge(maxAgeSeconds)
- .httpOnly(false) // 배포 환경에서는 true로 설정 필요
+ .httpOnly(true)
 .secure(true)
 .sameSite("None")
 .build()
@@ -133,7 +133,7 @@ class JwtTokenProvider(
 fun generateAccessTokenCookie(accessTokenValue: String): ResponseCookie = ResponseCookie.from("x-access-token")
 .value(accessTokenValue)
 .maxAge(expirationMiliseconds)
- .httpOnly(false)
+ .httpOnly(true)
 .secure(true)
 .sameSite("None")
 .build()
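Review bot: The push trigger now names the working branch `infra/https-config`, so every push to that branch runs the whole workflow before the change has been reviewed. The jobs are outside this hunk; if they deploy or read deployment secrets, as the file name suggests, that happens from an unmerged branch. Remove the entry before merging, or guard the deploy job with `if: github.ref == 'refs/heads/main'`.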
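Review bot: The credentialed allowlist in `addCorsMappings` still carries the development origin `http://localhost:5173` next to the new HTTPS origin, so in the deployed build any page served from that local port can send cookie-bearing requests and read the responses. Load the origins from profile-specific configuration so that production lists only the site origin. The new entry is also written with a trailing slash, while a browser's `Origin` header has none; whether it matches depends on the Spring version normalising it, so `"https://dailysteady.site"` is the safer spelling. The function body continues past the end of the hunk.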
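Review bot: Both token cookies keep `.sameSite("None")` (here and in `generateAccessTokenCookie` in the next hunk), so the browser attaches them to requests started by any site, and `httpOnly(true)` does nothing against that. Protection against cross-site request forgery then rests on whatever CSRF or origin check exists outside this diff. If the front end and the API are served from the same registrable domain, which these hunks do not show, `.sameSite("Lax")` or `.sameSite("Strict")` would close that gap. The refresh cookie is also scoped to `.path("/")`; limiting it to the refresh endpoint's path would keep it off every other request. The builder chain starts above the hunk.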
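Review bot: `.maxAge(expirationMiliseconds)` passes a value whose name says milliseconds to `ResponseCookie`'s `maxAge(long)`, which takes seconds, so the access-token cookie would presumably stay in the browser about a thousand times longer than the token is valid. If the field really holds milliseconds, use `.maxAge(Duration.ofMillis(expirationMiliseconds))` with `java.time.Duration` imported. This builder also sets no `.path(...)`, unlike the refresh cookie in the previous hunk, so the cookie's scope falls back to a default derived from the request path; confirm that this is intended.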