Description
Patrik Mihalcin opened DATAREST-1019 and commented
I'm using Spring Boot 1.5.2.RELEASE and dependencies spring-boot-starter-data-rest
and spring-boot-starter-data-jpa
. This transitively pulls in spring-data-rest-core
2.6.1.RELEASE which is supposed to have CORS support based on the reference documentation and DATAREST-573.
My web application works fine and I expose REST api using app property spring.data.rest.base-path=/api
. When I annotate my repo with @CrossOrigin
annotation, e.g.
@CrossOrigin
public interface GroupRepository extends PagingAndSortingRepository<Group, Long>, QueryDslPredicateExecutor<Group> {
List<Group> findByName(@Param("name") String name);
}
Spin up the application and invoke the following curl command:
curl -v -H "Accept: application/hal+json" -H "Origin: http://localhost:1234" http://localhost:8080/api/groups
The server side doesn't return CORS headers: Access-Control-Allow-Credentials
, Access-Control-Allow-Origin
Affects: 3.0 M1 (Kay), 2.6.1 (Ingalls SR1)
Referenced from: pull request #259
Backported to: 2.6.2 (Ingalls SR2)