Angular Post 请求在本地调用服务器时工作正常，但在网络上调用服务器时得到 403

我正在使用 Angular 和 Spring Boot 开发一个 Web 应用程序。在本地测试应用程序后，我在渲染上部署了服务器以在网络上测试它。 但如果我向我的服务器发出发布请求，我会收到 403。飞行前选项工作正常。 这是我在 spring boot 中的安全配置

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Arrays.asList("http://yasa.gmbh","https://s995626175.online.de","https://yasa.gmbh","https://s995626175.online.de", "http://localhost:4200"));
        configuration.setAllowedMethods(Arrays.asList("GET","POST", "OPTIONS", "DELETE", "PUT", "PATCH"));
        configuration.setAllowCredentials(true);
        configuration.setAllowedHeaders(Arrays.asList("*"));
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);

        return source;
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        CsrfTokenRequestAttributeHandler requestHandler = new CsrfTokenRequestAttributeHandler();
        // set the name of the attribute the CsrfToken will be populated on
        requestHandler.setCsrfRequestAttributeName(null);
        http
                .csrf((csrf) -> csrf
                        .csrfTokenRequestHandler(requestHandler)
                        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                )
                .cors((cors) -> cors
                        .configurationSource(corsConfigurationSource())
                )
                .addFilterBefore(exceptionHandlerFilter, CorsFilter.class)
                .addFilterBefore(exceptionHandlerFilter, UsernamePasswordAuthenticationFilter.class)
                .addFilterAfter(jwtTokenVerifierFilter, ExceptionHandlerFilter.class)

这是选项请求

Access-Control-Allow-Credentials:
true
Access-Control-Allow-Headers:
access-control-allow-credentials, content-type, x-xsrf-token
Access-Control-Allow-Methods:
GET,POST,OPTIONS,DELETE,PUT,PATCH
Access-Control-Allow-Origin:
http://localhost:4200
Alt-Svc:
h3=":443"; ma=86400
Cache-Control:
no-cache, no-store, max-age=0, must-revalidate
Cf-Cache-Status:
DYNAMIC
Cf-Ray:
85347d8d3f4a9be9-FRA
Content-Length:
0
Date:
Sat, 10 Feb 2024 12:52:38 GMT
Expires:
0
Pragma:
no-cache
Rndr-Id:
73b39463-e1fd-472c
Server:
cloudflare
Strict-Transport-Security:
max-age=31536000 ; includeSubDomains
Vary:
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
X-Content-Type-Options:
nosniff
X-Frame-Options:
DENY
X-Render-Origin-Server:
Render
X-Xss-Protection:
0

这是登录后的信息

:authority:
school-system-ev3t.onrender.com
:method:
POST
:path:
/api/v1/auth/login
:scheme:
https
Accept:
application/json, text/plain, */*
Accept-Encoding:
gzip, deflate, br
Accept-Language:
en-US,en-DE;q=0.9,en;q=0.8,de-DE;q=0.7,de;q=0.6,ar-SY;q=0.5,ar;q=0.4
Access-Control-Allow-Credentials:
true
Cache-Control:
no-cache
Content-Length:
63
Content-Type:
application/json
Origin:
http://localhost:4200
Pragma:
no-cache
Referer:
http://localhost:4200/
Sec-Ch-Ua:
"Not A(Brand";v="99", "Google Chrome";v="121", "Chromium";v="121"
Sec-Ch-Ua-Mobile:
?0
Sec-Ch-Ua-Platform:
"Windows"
Sec-Fetch-Dest:
empty
Sec-Fetch-Mode:
cors
Sec-Fetch-Site:
cross-site
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
X-Xsrf-Token:
67bb57fc-6823-4b2c-b651-25596b871f4d

我已经用邮递员测试了我的服务器端点，它工作正常（但我仍然无法在发送放置请求时更改数据），所以我认为我的 cors 配置有问题，但我不知道我错过了什么。所以请你帮我解决这个问题吗？

注意：我已经在 GCP 上部署了 Spring Boot 应用程序，并且能够发出所有不在数据库上更新或插入数据的请求（登录成功，但某些用户的更新请求会引发 403 错误）

更改 cros 配置，从我的域 yasa.gmbh 等测试服务器... 我已允许所有标头，但没有帮助