-
Notifications
You must be signed in to change notification settings - Fork 40.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SpringBoot 2 Migration Issue with CORS support #12488
Comments
This is due to the change made in Spring Framework for SPR-16130. if (this.allowedOrigins.contains(ALL)) {
if (this.allowCredentials != Boolean.TRUE) {
return ALL;
}
else {
return requestOrigin;
}
} You can restore the behaviour of Spring Framework 4.3 and Spring Boot 1.5 by changing your
/cc @sdeleuze |
@wilkinsona Many thanks for the insight. Since it’s a change to the default, it might be a good addition to the migration guide. |
Thanks for the suggestion. If it's mentioned anywhere, I think it should probably go in Spring Framework's upgrade documentation. What do you think, @sdeleuze? |
Good idea, I have added a CORS support section in Spring Framework 5 upgrade documentation. |
Thanks, @sdeleuze. I've also added a link in Boot's migration guide to Framework's upgrade documentation. |
@wilkinsona you saved my day thanks alot |
Using SpringBoot 1.5.9 with this controller and configuration, CORS requests are allowed (work fine):
However when I migrated to SpringBoot v2.0.0, with the same controller and configration I now get errors in the latest version of Chrome to the same previously working requests:
Per this possibly dated StackOverflow answer, I've tried using this updated configuration, but that still does not work:
How do we get the same CORS functionality possible out of the box with SpringBoot 1.5.9 in SpringBoot 2?
Is there a better way to resolve this without specifying the origin domain?
The text was updated successfully, but these errors were encountered: