
I am in the following situation: I configured CORS. I hosted my app using Tomcat 10 and the frontend is React. With the development server of Spring Boot, locally everything works fine. But when hosted in production, where it should work, it does not. This is my configuration:

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        logger.info(keySetUri);

        // Validate incoming JWTs against the key set published at keySetUri.
        httpSecurity.oauth2ResourceServer(
                c -> c.jwt(
                        j -> j.jwkSetUri(keySetUri)
                )
        );

        // CORS: origins, methods and headers the browser may use cross-origin.
        httpSecurity.cors(c -> {
            CorsConfigurationSource source = request -> {
                CorsConfiguration config = new CorsConfiguration();
                config.setAllowedOrigins(
                        List.of("http://192.000.0.000:3000", "http://localhost:3000", "http://www.exemple.com:3001", "http://www.example.com:8080", "http://www.example.com:8081")
                );
                config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
                config.setAllowedHeaders(List.of("*"));

                return config;
            };
            c.configurationSource(source);
        });

        httpSecurity.csrf(c -> c.disable());

        httpSecurity.authorizeRequests()
                // .requestMatchers("/api/admin/**").authenticated() // CORS does not work for POST
                .anyRequest().permitAll();

        return httpSecurity.build();
    }

I get the header Access-Control-Allow-Origin http://www.example.com:3001 for GET and OPTIONS but not for POST requests. I am really stuck because the code is there; if it doesn't do what I programmed, what can I do?

These are my GET request headers:

These are my OPTIONS request headers:

This is my Java bugged POST request thing:

  • Actually it is not CORS, it is an error in my application. I commented out the code and just returned a ResponseEntity and the headers showed for the POST as well. Commented Jul 8 at 15:13

1 Answer


It turned out that my POST received a file that was stored temporarily before being sent to S3. Tomcat didn't have permission, and a "CORS error" was sent by Tomcat. So check your code for errors if you are getting CORS errors where you shouldn't.
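
One way to tell a real CORS rejection from an application error that only looks like one, as in the answer above. This is an added example, not code from the post; the function names are hypothetical and the raw responses are constructed samples.

```python
# Added example: classify a response the browser reported as a "CORS error".
# The raw responses below are constructed samples, not captures from the post.

ORIGIN = "http://www.example.com:3001"

GET_OK = (
    "HTTP/1.1 200 \r\n"
    "Access-Control-Allow-Origin: http://www.example.com:3001\r\n"
    "Vary: Origin\r\n"
    "\r\n"
    "[]"
)
POST_FAILED = (
    "HTTP/1.1 500 \r\n"
    "Content-Type: text/html;charset=utf-8\r\n"
    "\r\n"
    "<h1>HTTP Status 500 - Internal Server Error</h1>"
)
POST_REJECTED = "HTTP/1.1 403 \r\n\r\nInvalid CORS request"


def parse_response(raw):
    """Split a raw HTTP/1.1 response (e.g. `curl -i` output) into parts."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def triage(raw, origin):
    status, headers, body = parse_response(raw)
    allowed = headers.get("access-control-allow-origin")
    if allowed in (origin, "*"):
        return "cors-ok"
    # Spring's CORS processor answers a disallowed origin or method
    # with 403 and the body "Invalid CORS request".
    if status == 403 and "Invalid CORS request" in body:
        return "cors-rejected"
    if status >= 400:
        # Error response built without CORS headers: the browser reports
        # a CORS failure, but the cause is the failed request itself.
        return "app-error-masked-as-cors"
    return "cors-header-missing"
```

When the result is `app-error-masked-as-cors`, the place to look is the server log, not the CORS configuration.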
