CODEWITHSUNDEEP
springkotlinwebsocketcors
Thomas KLING
Thomas KLING

Reputation: 19

Websocket CORS configuration Spring boot

I'm trying to use a Websocket on a Spring boot server.

I'd like to set the allowedOrigins to allow connections from everywhere like this :

@Configuration @EnableWebSocketclass WSConfig : WebSocketConfigurer {
    override fun registerWebSocketHandlers(registry: WebSocketHandlerRegistry) {
        registry.addHandler(ChatHandler(), "/chat").setAllowedOrigins("*").withSockJS()
    }
}

But I get this error message :

When allowCredentials is true, allowedOrigins cannot contain the special value "*" since that cannot be set on the "Access-Control-Allow-Origin" response header. 
To allow credentials to a set of origins, list them explicitly or consider using "allowedOriginPatterns" instead.] with root cause

The thing is that there isn't a method to set allowedOriginPatterns on WebSocketConfigurer. So I don't understand how I should manage this. Same for "Access-Control-Allow-Origin".

I think there is something that I misunderstood but I don't get what.

If you could help me understand ! Any help is appreciated :)

Upvotes: 1

Views: 2142

Answers (1)

CptDayDreamer
CptDayDreamer

Reputation: 1794

Somebody already answered this question. I guess you are using a newer version of Spring Boot (>5.3). They changed something in their code and you have to use

registry.addHandler(ChatHandler(), "/chat").setAllowedOriginPatterns("*").withSockJS();

Simply change from .setAllowedOrigins("*") to .setAllowedOriginPatterns("*") and you should be fine.

According to this thread: How to handle CORS origins with Stomp and SockJS in Spring 5.3 and newer?

Upvotes: 2

Related Questions