From a.com I am making a cross-origin call to an API on b.com:
    return HttpService.ajax({
        url: config.URL_GET_GIFT,
        type: 'GET',
        dataType: 'json',
        data: params,
        xhrFields: {
            // send cookies with the cross-origin request
            withCredentials: true
        }
    });
The nginx configuration for b.com is:
    # Cross-origin access
    map $http_origin $other_domain {
        default 0;
        "~http://m.jd.id" http://m.jd.id;
        "~https://m.jd.id" https://m.jd.id;
    }
    server {
        listen 80;
        server_name vip.jd.id;
        location / {
            proxy_pass http://127.0.0.1:8100/;
            proxy_set_header Cookie $http_cookie;
            proxy_cookie_domain localhost nginx_server;
            add_header Access-Control-Allow-Origin http://a.com;
            add_header Access-Control-Allow-Headers Content-Type;
            add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
            add_header Access-Control-Allow-Credentials true;
        }
    }
The nginx configuration for a.com is:
    server {
        listen 80;
        server_name a.id;
        location / {
            proxy_pass http://127.0.0.1:8097/;
        }
    }
The b.com backend is also configured with:
corsConfiguration.addAllowedOrigin("http://a.com/");
But the console shows this error:
The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://a.com' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
How can I fix this?
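If you want to send cookies on a cross-origin request, Access-Control-Allow-Origin cannot be set to *; you need to specify a concrete domain. In other words, Access-Control-Allow-Credentials: true and Access-Control-Allow-Origin: * cannot be used together.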
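
The rule in the answer above, as an added example that is not part of the original thread: a server-side allowlist that echoes a concrete origin, next to a simplified model of the check the browser applies to a credentialed response. `ALLOWED_ORIGINS`, `corsHeadersFor` and `browserAccepts` are hypothetical names, and the sample values are constructed.

```javascript
// Added example; ALLOWED_ORIGINS and both function names are assumptions.
const ALLOWED_ORIGINS = new Set(['http://a.com']); // constructed allowlist

// Server side: echo the Origin back only on an exact allowlist match.
function corsHeadersFor(requestOrigin) {
  if (!ALLOWED_ORIGINS.has(requestOrigin)) return {}; // no CORS headers at all
  return {
    'Access-Control-Allow-Origin': requestOrigin, // a concrete origin, never '*'
    'Access-Control-Allow-Credentials': 'true',
    'Vary': 'Origin', // the response depends on Origin, so caches must key on it
  };
}

// Browser side: simplified form of the CORS check in the Fetch standard.
function browserAccepts(requestOrigin, headers, withCredentials) {
  const acao = headers['Access-Control-Allow-Origin'];
  if (acao === undefined) return { ok: false, reason: 'no Access-Control-Allow-Origin' };
  if (acao === '*') {
    return withCredentials
      ? { ok: false, reason: 'wildcard with credentials' } // the error in the question
      : { ok: true, reason: 'wildcard, no credentials' };
  }
  // Byte-for-byte comparison: a trailing slash or a second value is a mismatch.
  if (acao !== requestOrigin) return { ok: false, reason: 'origin mismatch' };
  if (withCredentials && headers['Access-Control-Allow-Credentials'] !== 'true') {
    return { ok: false, reason: 'Access-Control-Allow-Credentials is not true' };
  }
  return { ok: true, reason: 'allowed' };
}

// Constructed sample responses to a credentialed request from http://a.com.
const samples = {
  wildcard: { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Credentials': 'true' },
  trailingSlash: { 'Access-Control-Allow-Origin': 'http://a.com/', 'Access-Control-Allow-Credentials': 'true' },
  allowlisted: corsHeadersFor('http://a.com'),
  notAllowlisted: corsHeadersFor('http://other.example'),
};
for (const [name, headers] of Object.entries(samples)) {
  console.log(name, browserAccepts('http://a.com', headers, true));
}
```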