guide cors spring

Table of Contents

CORS configuration in Spring
- Dependency
- Configuration

Warning	Hey there! Seems like you are still using the documentation of our legacy Java repository. Since it won’t be maintained anymore, we recommend you to checkout the new Java page here.

CORS configuration in Spring

Dependency

To enable the CORS support from the server side for your devon4j-Spring application, add the below dependency:

<dependency>
  <groupId>com.devonfw.java.starters</groupId>
  <artifactId>devon4j-starter-security-cors</artifactId>
</dependency>

Configuration

Add the below properties in your application.properties file:

#CORS support
security.cors.spring.allowCredentials=true
security.cors.spring.allowedOriginPatterns=*
security.cors.spring.allowedHeaders=*
security.cors.spring.allowedMethods=OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
security.cors.pathPattern=/**

Attribute	Description	HTTP Header
allowCredentials	Decides the browser should include any cookies associated with the request (`true` if cookies should be included).	Access-Control-Allow-Credentials
allowedOrigins	List of allowed origins (use `*` to allow all orgins).	Access-Control-Allow-Origin
allowedMethods	List of allowed HTTP request methods (`OPTIONS`, `HEAD`, `GET`, `PUT`, `POST`, `DELETE`, `PATCH`, etc.).	-
allowedHeaders	List of allowed headers that can be used during the request (use `*` to allow all headers requested by the client)	Access-Control-Allow-Headers
pathPattern	Ant-style pattern for the URL paths where to apply CORS. Use "/**" to match all URL paths.

This documentation is licensed under the Creative Commons License (Attribution-NoDerivatives 4.0 International).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

guide cors spring

CORS configuration in Spring

Dependency

Configuration

General

spring

Architecture Overview

Layers

Guides

Options

Coding

Tutorials

quarkus

Guides

Clone this wiki locally