From 8388527e0b169eb4acba9a4bbf62939095b7a75f Mon Sep 17 00:00:00 2001 From: haider Date: Thu, 5 Dec 2024 12:44:42 +0000 Subject: [PATCH] Always add CORS headers --- .../ols/config/CrossOriginResourceSharingFilter.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/backend/src/main/java/uk/ac/ebi/spot/ols/config/CrossOriginResourceSharingFilter.java b/backend/src/main/java/uk/ac/ebi/spot/ols/config/CrossOriginResourceSharingFilter.java index ede50065..a68d9bfb 100644 --- a/backend/src/main/java/uk/ac/ebi/spot/ols/config/CrossOriginResourceSharingFilter.java +++ b/backend/src/main/java/uk/ac/ebi/spot/ols/config/CrossOriginResourceSharingFilter.java @@ -32,6 +32,11 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; + // Alwasy add CORS headers. add CORS "pre-flight" request headers + httpResponse.addHeader("Access-Control-Allow-Origin", "*"); + httpResponse.addHeader("Access-Control-Allow-Headers", "*"); + httpResponse.addHeader("Access-Control-Allow-Methods", "GET"); + httpResponse.addHeader("Access-Control-Max-Age", "3600"); // is this a CORS request? if (httpRequest.getHeader("Origin") != null) { @@ -39,11 +44,6 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha String requestURI = httpRequest.getRequestURI(); getLog().trace("Possible cross-origin request received from '" + origin + "' to IRI: " + "'" + requestURI + "'. Enabling CORS."); - - // add CORS "pre-flight" request headers - httpResponse.addHeader("Access-Control-Allow-Origin", "*"); - httpResponse.addHeader("Access-Control-Allow-Headers", "*"); - httpResponse.addHeader("Access-Control-Allow-Methods", "GET"); } chain.doFilter(request, response);