Spring Cloud Security Disable Cors

Question

I'm building a react front for a spring boot microservices app. I have the Cors policy error when I try to make get requests.

this is my API gateway config:


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class SecurityConfig {

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity serverHttpSecurity){
        serverHttpSecurity
                .csrf()
                .disable()
                .authorizeExchange(exchange ->exchange.pathMatchers("/eureka/**")
                        .permitAll()
                        .anyExchange()
                        .authenticated())
                .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt);
        return serverHttpSecurity.build();
    }


}

I tried adding this to application.yml but still doesn't work

spring:
  application:
    name: api-gateway
  cloud:
      default-filters:
        - DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin
        - AddResponseHeader=Access-Control-Allow-Origin, *
      globalcors:
        corsConfigurations:
          '[/**]':
            allowedOrigins: "http://127.0.0.1:5173/"
            allowedHeaders: "*"
            allowedMethods:
              - GET
              - POST

https://www.baeldung.com/spring-cors – Berk Kurkcuoglu Jan 17 '23 at 23:33 — Berk Kurkcuoglu, Jan 17 '23 at 23:33
@BerkKurkcuoglu it doesn't work. – Dhia Ammar Jan 18 '23 at 00:08 — Dhia Ammar, Jan 18 '23 at 00:08

Spring Cloud Security Disable Cors

0 Answers0