@Override protected void addCorsMappings(CorsRegistry registry) { registry.addMapping("/cors-restricted") .allowedOrigins("http://foo") .allowedMethods("GET", "POST"); registry.addMapping("/cors"); registry.addMapping("/ambiguous") .allowedMethods("GET", "POST"); } }
@Test public void customizedMapping() { this.registry.addMapping("/foo").allowedOrigins("http://domain2.com", "http://domain2.com") .allowedMethods("DELETE").allowCredentials(false).allowedHeaders("header1", "header2") .exposedHeaders("header3", "header4").maxAge(3600); Map<String, CorsConfiguration> configs = this.registry.getCorsConfigurations(); assertEquals(1, configs.size()); CorsConfiguration config = configs.get("/foo"); assertEquals(Arrays.asList("http://domain2.com", "http://domain2.com"), config.getAllowedOrigins()); assertEquals(Arrays.asList("DELETE"), config.getAllowedMethods()); assertEquals(Arrays.asList("header1", "header2"), config.getAllowedHeaders()); assertEquals(Arrays.asList("header3", "header4"), config.getExposedHeaders()); assertEquals(false, config.getAllowCredentials()); assertEquals(Long.valueOf(3600), config.getMaxAge()); }
@Override public void addCorsMappings(final CorsRegistry registry) { registry.addMapping("/**") .allowedHeaders("Access-Control-Allow-Origin", "*", "Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE", "Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept") .allowedOrigins("*") .allowedMethods("*"); } }
@Override public void addCorsMappings(CorsRegistry corsRegistry) { corsRegistry.addMapping("/**") .allowedOrigins("*") .allowedMethods("*") .allowedHeaders("DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range") .maxAge(3600); } }
@Override public void addCorsMappings(CorsRegistry registry) { Cors cors = applicationProperties.getAppConfigs().getCors(); if (cors.getEnabled()) { LOGGER.info("Spring MVC configuration: CORS mappings enabled"); registry.addMapping(cors.getPathPattern()) .allowedOrigins(cors.getAllowedOrigins()) .allowedMethods(cors.getAllowedMethods()) .exposedHeaders(cors.getExposedHeaders()) .allowCredentials(cors.getAllowCredentials()); } else { LOGGER.info("Spring MVC configuration: CORS mappings disabled"); } } };