Angular + Spring. CORS policy
I have get requests working, but post requests to the server are not working
I'll keep it short. I'm using Spring Cloud From Angular I send a request to Gateway(8082) and it redirects to the microservice I need.
What I've tried so far:
@CrossOrigin(origins = "*")I put it over each controllerWriting a config class. I've been overhauling this config as much as I can.
import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration @EnableWebMvc public class WebConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/auth/user/**") // Specificare il percorso dell'API .allowedOrigins("http://localhost:4200") // Fonte autorizzata. .allowedOrigins("http://localhost:8202") // Fonte autorizzata. .allowedMethods("GET") // Metodi autorizzati .allowedMethods("POST") // Metodi autorizzati .allowedMethods("PUT") // Metodi autorizzati .allowedMethods("DELETE") // Metodi autorizzati .allowCredentials(true); // Consentire l'invio di cookie e intestazioni di autorizzazione } }
Created the proxy.conf.ts file:
{ "/finance/*": { "target": "http://localhost:8082", "secure": false }, "/auth/*": { "target": "http://localhost:8082", "secure": false } }
But still post requests through postman I can send, but through angular I can't:(
Problem
Neither calls to method allowedOrigins nor calls to method allowedMethods have cumulative effects; instead, the last call to each method prevails. In other words, your CORS configuration,
registry.addMapping("/auth/user/**")
.allowedOrigins("http://localhost:4200")
.allowedOrigins("http://localhost:8202") // only this call counts
.allowedMethods("GET")
.allowedMethods("POST")
.allowedMethods("PUT")
.allowedMethods("DELETE") // only this call counts
.allowCredentials(true);
}
is equivalent to the following:
registry.addMapping("/auth/user/**")
.allowedOrigins("http://localhost:8202")
.allowedMethods("DELETE")
.allowCredentials(true);
Your client's Web origin, http://localhost:4200, is therefore not allowed by your CORS configuration; as a result, preflight fails.
Solution
Be aware that methods allowedOrigins and allowedMethods are variadic. Therefore, you should write the following instead:
registry.addMapping("/auth/user/**")
.allowedOrigins("http://localhost:4200", "http://localhost:8202")
.allowedMethods("GET", "POST", "PUT", "DELETE")
.allowCredentials(true);
}
However, because http://localhost:8202 is the Web origin of your server (AFAICT), you shouldn't need to list it as an allowed origin in your CORS configuration.
- Math.Sin() gives incorrect value
- How to run my python script when the sunOS is start booting
- Express-session: not resetting cookie expiration on each request
- Getting a stack overflow exception when normalizing a vector
- Edit default summary function in R gives error for multiple variables
- What was a For loop? Why isn't it needed in R?
- How to use download button in shiny and save results in various formats (csv, texte, pdf, spss...)?
- Why are there two assignment operators, `<-` and `->` in R?
- lm()$assign: what is it?
- How to get the value of list(...) in R and S functions
- Design matrix for MLM from library(lme4) with fixed and random effects
- how to generate elements not included in my sample
- Create a matrix with gradually changing values without a for loop
- Emacs ESS and S-plus ( S+ ) 8.1 compatability
- How to lag date-index in a time-series in R?
- Nonlinear regression in R / S
- Calling R from S-Plus?