Skip to content

Commit 8f5ace3

Browse files
alankoo1995alankoo1995
committed
test cors
1 parent 9e33d33 commit 8f5ace3

File tree

1 file changed

+7
-6
lines changed

1 file changed

+7
-6
lines changed

backend/src/main/java/comp9323/group12/backend/config/SecurityConfig.java

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ protected void configure(HttpSecurity http) throws Exception {
5050
.logoutSuccessHandler(logoutSuccessHandler)
5151
.and()
5252
.authorizeRequests()
53-
.antMatchers( "/api/unauthorized", "/api/signup", "/api/login").permitAll()
53+
.antMatchers( "/api/unauthorized", "/api/signup", "/api/login", "/api/toppost").permitAll()
5454
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
5555
.anyRequest().authenticated()
5656
.and().cors(Customizer.withDefaults());
@@ -61,11 +61,12 @@ CorsConfigurationSource corsConfigurationSource() {
6161
CorsConfiguration configuration = new CorsConfiguration();
6262
configuration.setAllowedOrigins(Arrays.asList("*"));
6363
configuration.setAllowedMethods(Arrays.asList("GET","POST", "OPTIONS", "PUT", "DELETE"));
64-
configuration.setAllowedHeaders(Arrays.asList("X-Requested-With", "Origin", "Content-Type", "Accept",
65-
"Authorization", "Access-Control-Allow-Credentials", "Access-Control-Allow-Headers", "Access-Control-Allow-Methods",
66-
"Access-Control-Allow-Origin", "Access-Control-Expose-Headers", "Access-Control-Max-Age",
67-
"Access-Control-Request-Headers", "Access-Control-Request-Method", "Age", "Allow", "Alternates",
68-
"Content-Range", "Content-Disposition", "Content-Description"));
64+
// configuration.setAllowedHeaders(Arrays.asList("X-Requested-With", "Origin", "Content-Type", "Accept",
65+
// "Authorization", "Access-Control-Allow-Credentials", "Access-Control-Allow-Headers", "Access-Control-Allow-Methods",
66+
// "Access-Control-Allow-Origin", "Access-Control-Expose-Headers", "Access-Control-Max-Age",
67+
// "Access-Control-Request-Headers", "Access-Control-Request-Method", "Age", "Allow", "Alternates",
68+
// "Content-Range", "Content-Disposition", "Content-Description"));
69+
configuration.setAllowedHeaders(Arrays.asList("*"));
6970
configuration.setAllowCredentials(true);
7071
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
7172
source.registerCorsConfiguration("/**", configuration);

0 commit comments

Comments
 (0)