From 57ba7295c22636c78fc95f7eb3deb57f9a6e5c50 Mon Sep 17 00:00:00 2001
From: Vishal Mahajan <vishal423@gmail.com>
Date: Sat, 27 Mar 2021 23:05:33 +0530
Subject: [PATCH] Allow CORS settings for frontend server

---
 .../src/main/resources/config/application-dev.yml.ejs         | 4 ++--
 .../templates/src/main/resources/config/application.yml.ejs   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/generators/server/templates/src/main/resources/config/application-dev.yml.ejs b/generators/server/templates/src/main/resources/config/application-dev.yml.ejs
index 4689e1ae1c1..10f293b15b3 100644
--- a/generators/server/templates/src/main/resources/config/application-dev.yml.ejs
+++ b/generators/server/templates/src/main/resources/config/application-dev.yml.ejs
@@ -353,7 +353,7 @@ jhipster:
   # CORS is only enabled by default with the "dev" profile
   cors:
     # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
-    allowed-origins: "http://localhost:8100"
+    allowed-origins: "http://localhost:8100,http://localhost:9000"
     allowed-methods: "*"
     allowed-headers: "*"
     <%_ if (authenticationType === 'session') { _%>
@@ -367,7 +367,7 @@ jhipster:
   # CORS is disabled by default on microservices, as you should access them through a gateway.
   # If you want to enable it, please uncomment the configuration below.
   # cors:
-  #   allowed-origins: "*"
+  #   allowed-origins: "http://localhost:9000"
   #   allowed-methods: "*"
   #   allowed-headers: "*"
   #   exposed-headers: "Authorization,Link,X-Total-Count"
diff --git a/generators/server/templates/src/main/resources/config/application.yml.ejs b/generators/server/templates/src/main/resources/config/application.yml.ejs
index 231d20fe1c1..a69fb832e46 100644
--- a/generators/server/templates/src/main/resources/config/application.yml.ejs
+++ b/generators/server/templates/src/main/resources/config/application.yml.ejs
@@ -318,7 +318,7 @@ jhipster:
     name: "<%= frontendAppName %>"
   # By default CORS is disabled. Uncomment to enable.
   # cors:
-  #   allowed-origins: "*"
+  #   allowed-origins: "http://localhost:8100,http://localhost:9000"
   #   allowed-methods: "*"
   #   allowed-headers: "*"
   <%_ if (authenticationType === 'session') { _%>