Ansu
Reputation: 11
Spring Boot 2 and Cors Filter
Using Spring Boot 2.0.2 - How do we suppress or hide Access-Control-Allow-Methods header field in preflight response.
I have a custom CORS filter which adds this header to the response.This is a part of requirement for a penetration testing.Any guidance will be helpful.
Upvotes: 0
Views: 792
Answers (1)
Hasan Can Saral
Reputation: 3288
You can override addCorsMappings method of WebMvcConfigurerAdapter to control what CORS headers are going to be sent to the client:
@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE").allowedOrigins("*")
.allowedHeaders("*");
}
}
Upvotes: 1
Related Questions
- Spring security CORS Filter
- Cors Error when using CorsFilter and spring security
- Spring Boot and CORS
- Spring Boot CORS filter - CORS preflight channel did not succeed
- Spring Boot CORS issue
- Cors filter not working for spring boot
- Configure Spring for CORS
- Spring Boot Cors Filter returning Access-Control-Allow-Origin: null
- CORS filter does not apply for spring oauth/token
- Having issue with CORS filter