angularspring-bootcorspreflight
401 response for CORS preflight OPTIONS request to springboot server
Cross domain request from my angular app to a spring boot backend is blocked by CORS, only with POST, PUT. GET is allowed and working as expected.
Here is my config ..
Backend :
cors filter -
@Configuration
public class CORSConfiguration {
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.setAllowCredentials(true);
corsConfiguration.setAllowedOrigins(Arrays.asList("http://localhost:4200"));
corsConfiguration.setAllowedMethods(Arrays.asList("PUT", "POST", "GET", "DELETE", "OPTIONS"));
corsConfiguration.setAllowedHeaders(Arrays.asList("Origin", "X-Requested-With", "X-Requested-By",
"Content-Type", "Accept", "Authorization"));
source.registerCorsConfiguration("/**", corsConfiguration);
return new CorsFilter(source);
}
}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.cors().and()
.csrf().disable()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/*").authenticated().and()
.jee().mappableAuthorities("xxxxxxx");
}
}
ng :
public postIT(payload: Data): Observable<Data> {
return this.http.post<Data>(url, payload) , {
withCredentials: true
});
}
Errors :
What am I leaving out here? Please let me know.
Solution
The mistake I did was in the web.xml, in which OPTIONS was included in the <security-constraint> element.
Removed it from here and with the rest of the config as is, I no longer see the issue.
- Elasticsearch curl request not working as expected in Angular 4
- how to show this.variable value in observer callback function in chrome debug mode
- Conditional Styling of an Angular component
- How to get the position after drop with cdkDrag?
- Angular Previous page button getting disabled when the next page button gets clicked
- Angular InjectionToken throws 'No provider for InjectionToken'
- Check for browser optional chaining support in Angular project
- Mixing less and sass files in Angular application
- How can I detect/watch "dirty-status" of an angular2-form in the right way?
- Using Angular Signals with HostBinding to update style?
- Angular2 Animation onDone callback
- How can I use angular-calendar in Angular 17 as a standalone project?
- CDK Virtual Scrolling Issue with maxBufferPx not displaying full list
- Angular 18 - Route to nested components
- Angular TestBed.inject
- @types/google.maps: Cannot find name 'google'
- ESlint Angular - no-unused-vars hits type definition
- PrimeNg Editor is not showing up - Angular
- Angular ng build transpile TypeScript outside of app folders?
- Angular 2 ngSwitchCase, OR operator not working
- Angular Material - How to sort the data for mat-table in the loop
- Can Angular Renderer2 setStyle function operate on an element where the style attribute is not yet defined?
- How to add husky and commitlint to angular project
- How to restrict user from opening the succeeding accordions until the form in current accordion is valid in Angular Material?
- use ngSwitch with on object with conditional attributes in Angular2
- Angular Material - How to display data with the loop in the mat-table
- Unable to Authenticate to DevOps API with Angual MSAL
- Navigation customization
- Printing a HTML template as PDF - Angular 2
- Semantic colors in an Angular Material component