Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring Boot enabling CORS by application.properties

Tags:

cors

spring-boot

I using Spring Boot API RESTful that get up automatically by your Entities Class. I'm consuming this apiRest from a front-end web app but it gives me this error:

No 'Access-Control-Allow-Origin' header is present on the requested resource

I'm setting the CORS configuration using the applicantion.properties specified here.

My basic configuration is:

endpoints.cors.allow-credentials=true
endpoints.cors.allowed-origins=*
endpoints.cors.allowed-methods=*
endpoints.cors.allowed-headers=*

I have tried different combinations in those variables but still not working. Any ideas?

like image 433
user2992476 Avatar asked Mar 18 '17 12:03

user2992476

People also ask

How do I enable CORS in spring boot API?

Enable CORS in Controller Method We need to set the origins for RESTful web service by using @CrossOrigin annotation for the controller method. This @CrossOrigin annotation supports specific REST API, and not for the entire application.

Is CORS enabled by default in spring boot?

Controller Method CORS ConfigurationBy default, its allows all origins, all headers, and the HTTP methods specified in the @RequestMapping annotation.

How do I fix access to XMLHttpRequest at origin has blocked by CORS policy spring boot?

Access to XMLHttpRequest at 'http://localhost:8080/hello' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. You can resolve this problem by enable CORS in Spring Boot.

3 Answers

This is not very clear in the official Spring documentation, and it is very easy to be misled by the official Spring Boot documentation.

The truth is that you CANNOT set the global CORS congfiguration using the application.properties file. You HAVE TO use JavaConfig as described by the Cors chapter from Spring Framework Documentation.

Just use the @EnableWebMvc annotation on a @Configuration class that implements WebMvcConfigurer and overrides the addCorsMappings method as follows:

@Configuration
@EnableWebMvc
public class WebConfig implements WebMvcConfigurer {

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/api/**")
            .allowedOrigins("http://domain2.com")
            .allowedMethods("PUT", "DELETE")
            .allowedHeaders("header1", "header2", "header3")
            .exposedHeaders("header1", "header2")
            .allowCredentials(false).maxAge(3600);
    }
}
like image 101
Gokay Avatar answered Oct 08 '22 05:10

Gokay

I got the answer by myself:

Just add this to application.java

  @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurer() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/greeting-javaconfig").allowedOrigins("http://localhost:9000");
            }
        };
    }
like image 25
user2992476 Avatar answered Oct 08 '22 07:10

user2992476

Spring boot properties prefixed by endpoints.cors.* are used by Actuator so that's why it will not work with MVC endpoints.

like image 15
Rafal Kalicinski Avatar answered Oct 08 '22 06:10

Rafal Kalicinski
Sign in to Comment

Related questions

Multiple data source and schema creation in Spring Boot
Difference between spring-data-jpa and spring-boot-starter-data-jpa
spring-boot gradle plugin can't be found
Trouble when changing Spring Boot version from 2.0.3.RELEASE to 2.1.0.BUILD-SNAPSHOT
Spring Data JPA Unable to locate Attribute with the given name
Hibernate field naming issue with Spring Boot (naming strategy)
Difference between @Controller and RouterFunction in Spring 5 WebFlux
Get spring application environment in thymeleaf
Developing spring boot application with lower footprint
Cannot deserialize value of type `java.util.Date` from String
How to properly convert domain entities to DTOs while considering scalability & testability
Spring Security anonymous 401 instead of 403
Spring Boot Dev Tools Turning them off for production?
Spring boot error:java.lang.ArrayStoreException: sun.reflect.annotation.TypeNotPresentExceptionProxy
Spring-Boot MVC Template Not Loading (404 Not Found)
Add Header Value For Spring TestRestTemplate Integration Test
Difference between @RibbonClient and @LoadBalanced
bootstrap.yml configuration not processed anymore with Spring Cloud 2020.0
How can you make a created_at column generate the creation date-time automatically like an ID automatically gets created?
How to configure CharacterEncodingFilter in SpringBoot?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!