0

I'm receiving a CORS error when trying to call an Actuator Endpoint from an Angular Application.

I know that I can enable CORS allowed origins in application.yaml of the Spring Boot Application.

But what I'm wondering about is that if I make a request from within a Spring Boot Application i don't get a CORS error.

The following line executed from http://localhost:8080 returns a valid response.

var response = new RestTemplate().getForEntity("https://<HOST>/actuator/info", String.class);

When executing this line from my angular application I get a CORS error

this.httpClient.get('https://<HOST>/actuator/info').subscribe((result: any) => {
      console.log(result);
});

Both calls are made from localhost, the one from Angular causes a CORS error and the one from Spring Boot doesn't.

Can someone explain this difference to me?

Arthur Welsch
  • 269
  • 2
  • 15
  • I think this is a duplicate of https://stackoverflow.com/questions/50237881/angular-cors-request-blocked – I_AM__PAUL Feb 25 '21 at 23:48
  • Thx for your answer, it's not a duplicate. In the linked post it's about general CORS within a node server application. My question is about different behaviour when sending a HTTP Request from within an Angular Application (Client) and a Spring Boot Application (also Client) to the same server – Arthur Welsch Feb 26 '21 at 08:00

1 Answers1

0

I've figured the difference out with the help of CORS with POSTMAN

When sending a request within the Angular Application the Request is sent from the browser and the browser has built in policies which deny to send/get data of a different domain as long as the requested resource doesn't contain the CORS header.

When sending the request within the Spring Boot Application the request is not sent from a browser and so no policies are invoked.

Arthur Welsch
  • 269
  • 2
  • 15