Access to XMLHttpRequest at 'http://localhost:8080/blog/updatePost/2' from origin 'http://localhost:3000' has been blocked by CORS policy:

Question

Even though I used @CrossOrigin annotation this error still appears. Spring boot app is running on 8080 port and react app is running on 3000 port.

Error:

If further information is needed, please let me know.

This is a known issue while using spring-boot please checkout the last part of this answer https://stackoverflow.com/a/46372630/3651739 — Jishnu Prathap, Oct 31 '22 at 13:34
I tried to do a update using PUT method. and I use spring security in backend — Nimasha Madhushani, Oct 31 '22 at 15:12

score 1 · Accepted Answer · answered Oct 31 '22 at 14:18

1

I assume you are using spring security. @CrossOrigin filter might have a lower precedence over spring security filters. Try to configure CORS using spring security.

answered Oct 31 '22 at 14:18

sanurah

976
1
6
16

I resolved the problem. I put the way I have done it below as an answer. thank you for the support. – Nimasha Madhushani Nov 01 '22 at 11:58

Nimasha Madhushani · Answer 2 · 2022-11-18T06:55:19.350

I resolved my issue with the answer given by @Sanura. Then blockage done by the CORS is avoided.

 @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().authorizeRequests().antMatchers("/auth/login", "/auth/register","/post/savePost", "/post/**", "/post/getPost/{id}","/post/updatePost/{id}")
                .permitAll().anyRequest().authenticated()
                .and().exceptionHandling().and().sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
    }

I added the routes to the configure method as above.

The below mentioning code sample also can be used instead of this.

package com.myapp.springboot.configs;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.web.servlet.config.annotation.CorsRegistry;
    import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
    
    @Configuration
    public class WebMvcConfiguration implements WebMvcConfigurer {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
            registry.addMapping("/*").
            allowedOrigins("*").
            allowedMethods("*").
            allowedHeaders("*").
            allowCredentials(true);
        }
    }

Thank you for your support.

Access to XMLHttpRequest at 'http://localhost:8080/blog/updatePost/2' from origin 'http://localhost:3000' has been blocked by CORS policy:

2 Answers2