-1

Dears ,

I got a strange issue on My Spring Boot Rest Services & angular JS, When VPN on, API throw 'No Access-Control-Allow-Origin' header is present on the requested resource' But Without VPN its working correctly .

@Configuration

public class CorsConfig {

@Bean
public WebMvcConfigurer corsConfigurer() {
    return new WebMvcConfigurerAdapter() {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
            registry.addMapping("/**");
        }
    };
}

}

Pritam Kumar
  • 77
  • 12

1 Answers1

-1

The problem is that browser is sending the option request to server to get the server permission for the request in the form response headers

so, you need to set the following headers in the response as follows

response.setHeader("Access-Control-Allow-Origin", requestOrigin);

response.setHeader("Access-Control-Allow-Methods", JWTConstants.ACCESS_CONTROL_ALLOWED_METHODS);

response.setHeader("Access-Control-Allow-Headers", JWTConstants.ACCESS_CONTROL_ALLOWED_HEADERS);

or you can simply use * in place of request origin so that it will allow any request.

for more info about the topic plz refer

https://www.owasp.org/index.php/Test_Cross_Origin_Resource_Sharing_(OTG-CLIENT-007)

hope this helps you

aditya gupta
  • 403
  • 2
  • 10