#19: add CORS support

codeforkjeff · May 25, 2020 · 0e9e591 · 0e9e591
1 parent 007d023
commit 0e9e591
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 0 deletions.
diff --git a/pom.xml b/pom.xml
@@ -39,6 +39,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-cache</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.ehcache</groupId>
             <artifactId>ehcache</artifactId>

diff --git a/src/main/java/com/codefork/refine/Application.java b/src/main/java/com/codefork/refine/Application.java
@@ -15,10 +15,16 @@
 import org.springframework.cache.jcache.JCacheCacheManager;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.filter.CommonsRequestLoggingFilter;
 import org.springframework.web.servlet.mvc.method.annotation.AbstractJsonpResponseBodyAdvice;
 
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
@@ -95,4 +101,18 @@ public CommonsRequestLoggingFilter logFilter() {
         return filter;
     }
 
+    @EnableWebSecurity
+    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http.headers().disable();
+            http.csrf().disable();
+            http.cors().configurationSource(request -> {
+                CorsConfiguration c = new CorsConfiguration();
+                c.setAllowedOrigins(new ArrayList<String>(Arrays.asList("*")));
+                return c;
+            });
+        }
+    }
 }