Skip to content

guide cors spring

Jump to bottom
devonfw-core edited this page Dec 13, 2022 · 5 revisions

CORS configuration in Spring

Dependency

To enable the CORS support from the server side for your devon4j-Spring application, add the below dependency:

<dependency>
  <groupId>com.devonfw.java.starters</groupId>
  <artifactId>devon4j-starter-security-cors</artifactId>
</dependency>

Configuration

Add the below properties in your application.properties file:

#CORS support
security.cors.spring.allowCredentials=true
security.cors.spring.allowedOriginPatterns=*
security.cors.spring.allowedHeaders=*
security.cors.spring.allowedMethods=OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
security.cors.pathPattern=/**
Attribute Description HTTP Header

allowCredentials

Decides the browser should include any cookies associated with the request (true if cookies should be included).

Access-Control-Allow-Credentials

allowedOrigins

List of allowed origins (use * to allow all orgins).

Access-Control-Allow-Origin

allowedMethods

List of allowed HTTP request methods (OPTIONS, HEAD, GET, PUT, POST, DELETE, PATCH, etc.).

-

allowedHeaders

List of allowed headers that can be used during the request (use * to allow all headers requested by the client)

Access-Control-Allow-Headers

pathPattern

Ant-style pattern for the URL paths where to apply CORS. Use "/**" to match all URL paths.

Creative Commons License Agreement
This documentation is licensed under the Creative Commons License (Attribution-NoDerivatives 4.0 International).

Clone this wiki locally