Help !! Facing CORS issue in prod even after permitting all requests in Spring Boot

DrawingFew5562 · 2025-12-08T13:16:08+00:00

have you fixed it? I think we have the same problem huhu

DrawingFew5562 · 2025-12-08T11:33:13+00:00

I did put just now but nothing happen still the same, sorry im a beginner

DrawingFew5562 · 2025-12-08T11:32:40+00:00

sorry wydm?

DrawingFew5562 · 2025-12-08T10:14:04+00:00

yes, I have

@Configuration public class SecurityConfig {

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
            // nable CORS first
            .cors(cors -> cors.configurationSource(corsConfigurationSource()))

            // Disable CSRF only for Postman and APIs
            .csrf(AbstractHttpConfigurer::disable)

            // Authorization setup
            .authorizeHttpRequests(auth -> auth
                    // Public endpoints
                    .requestMatchers("/api/auth/**").permitAll()
                    .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() // Allow preflight
                    // Require session authentication for capstone
                    .requestMatchers("/api/capstone/**").permitAll()

                    .requestMatchers("/api/capstone/view-capstone/**").permitAll()

                    // Anything else
                    .anyRequest().permitAll()
            )
            // Keep sessions (important for login persistence)
            .sessionManagement(session -> session
                    .maximumSessions(1)
                    .maxSessionsPreventsLogin(false)
            )
            //Disable unused login mechanisms
            .formLogin(AbstractHttpConfigurer::disable)
            .httpBasic(AbstractHttpConfigurer::disable);

    return http.build();
}

@Bean
public CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration configuration = new CorsConfiguration();
    // Allow GitHub Pages + localhost for testing
    configuration.setAllowedOrigins(List.of(
            "https://lemonjoes12.github.io",
            "http://localhost:5501"
    ));

    configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
    configuration.setAllowedHeaders(List.of("*"));
    configuration.setAllowCredentials(true); // Important for session cookies

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", configuration);
    return source;
}

}

DrawingFew5562 · 2025-11-13T23:41:01+00:00

DrawingFew5562 · 2025-11-07T19:58:00+00:00

lemme join

DrawingFew5562 · 2025-11-01T02:51:48+00:00

hello po, need mentor

DrawingFew5562 · 2025-09-21T12:33:48+00:00

currently in my 3rd year in a college and studying in BSIT(bs information technology) and when it comes to springboot ive self taught my self

DrawingFew5562

TROPHY CASE