Angular + Spring policy CORS

Question

I have a problem. If I send a request from the server to http://localhost:8082/finance/rate/getActualRate I get the following response

Access to XMLHttpRequest at 'http://localhost:8082/finance/rate/getActualRate' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
app.component.ts:45 HttpErrorResponse {headers: HttpHeaders, status: 0, statusText: 'Unknown Error', url: 'http://localhost:8082/finance/rate/getActualRate', ok: false, …}
app.component.ts:42     GET http://localhost:8082/finance/rate/getActualRate net::ERR_FAILED 403 (Forbidden)

But if I send the request to the same address via Postman, everything works fine

I had already added a proxy.conf.json file and was running the application using it

{
  { "/finance": {
    { "target": "http://localhost:8082",
    "secure": false
  }
}

And added Cors configuration to my Gateway(I use Eureka server and redirect requests from front end to microservices via gateway)

package ua.com.alevel.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

import java.util.Arrays;

@Configuration
public class CorsConfig {

    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration corsConfig = new CorsConfiguration();
        corsConfig.setAllowedOriginPatterns(Arrays.asList("http://localhost:4200")); // Разрешенные источники (здесь можно указать нужные источники)
        corsConfig.addAllowedMethod("*");
        corsConfig.addAllowedHeader("*");
        corsConfig.setAllowCredentials(true);

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", corsConfig);

        return new CorsFilter(source);
    }
}

Does this answer your question? [Why does my JavaScript code receive a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error, while Postman does not?](https://stackoverflow.com/questions/20035101/why-does-my-javascript-code-receive-a-no-access-control-allow-origin-header-i) — jabaa, Aug 22 '23 at 17:08
Does this answer your question? [How to configure CORS in a Spring Boot + Spring Security application?](https://stackoverflow.com/questions/36968963/how-to-configure-cors-in-a-spring-boot-spring-security-application) — jabaa, Aug 22 '23 at 17:09

score -1 · Answer 1 · answered Aug 22 '23 at 14:44

-1

First of all, your proxy.conf.json is not correctly formatted in your question. It should look like this:

{
  "/finance/*": {
    "target": "http://localhost:8082",
    "secure": false
  }
}

In addition, you should add an asterisk to make sure that the /finance path is continued with additional sub paths.

answered Aug 22 '23 at 14:44

Philipp Kief

8,172
5
33
43

Now I have a different problem. I have Get requests working, but not Post – Artem Dubenko Aug 22 '23 at 16:26
then please update your question or ask a new one so that we can help you here. – Philipp Kief Aug 23 '23 at 06:40

Angular + Spring policy CORS

1 Answers1