Home > OS >  POST blocked by CORS policy, GET, DELETE normally working
POST blocked by CORS policy, GET, DELETE normally working

Time:12-05

i have weird problem with my app. My app is build like this ts(angular) -> java(spring). I was casually adding some Gets from angular to java, also delete requests, but i came to the problem when i was about to add post request. My app is using httpbasic auth. So let me show you some code: This is code from my data service

getCurrentCars(id:number){
    const headers = new HttpHeaders({ 'Content-Type':'application/json',
      'Authorization': 'Basic '   btoa(sessionStorage.getItem('username')   ':'   sessionStorage.getItem('password')) });
    return this.http.get("http://localhost:8080/api/cars/getcurrentcars/" id.toString(),{headers});
  }
  postNewRepair(name:string, description:string, date:string, idCar:number){
    const headers = new HttpHeaders({ 'Content-Type':'application/json',
      'Authorization': 'Basic '   btoa(sessionStorage.getItem('username')   ':'   sessionStorage.getItem('password')) });
    let newrepair:Repair= {name: name, date:date, description:description, idCar:idCar}
    this.http.post("localhost:8080/api/repairs/postRepair",newrepair,{headers}).subscribe(resp => console.log(resp));
  }

get works, post doesnt want to work, BUT FROM POSTMAN POST WORKS FINE

ofc i did some Cors policy disable, here are some examples:

@CrossOrigin(origins = "*", allowedHeaders = "*")
@RestController
@RequestMapping("/api/repairs")
public class ControllerRepair {
@RequestMapping(method = RequestMethod.POST, value = "/postRepair")

    public void postRepair(@RequestParam String name, @RequestParam String date, @RequestParam String description, @RequestParam Long idCar){
        LocalDate date1 = LocalDate.parse(date);
        System.out.println("aaa");
        iRepairService.postRepair(name, date1, description, idCar);
    }
}

here from http config

http
                .cors().and()
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/api/repairshops/**").hasAuthority("REPAIR_SHOP")
                .antMatchers("/api/clients/**").hasAnyAuthority("CLIENT","REPAIR_SHOP")
                .antMatchers("/login/**").fullyAuthenticated()
                .anyRequest()
                .authenticated()
                .and()
                .httpBasic();

And i also tried this cors config class i found somewhere here on stack but it doesnt work at all and also makes my other get and delete requests not work

Access to XMLHttpRequest at 'localhost:8080/api/repairs/postRepair' from origin 'http://localhost:4200' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.

Maybe i am not using some header in my http post to make it work?

CodePudding user response:

I see you miss 'http' in the post request's url? Let's put it like the previous GET and try again.

this.http.post("http://localhost:8080/api/repairs/postRepair",newrepair,{headers}).subscribe(resp => console.log(resp));

CodePudding user response:

With your current settings (http.cors()) you are using the default cors configuration provided by spring (https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/cors.html). You can use the guide (https://spring.io/blog/2015/06/08/cors-support-in-spring-framework) to configure it for your use case.

If you want to just try it out you can use this as a temporary solution:

@Override
public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**").allowedMethods("*");
}

Page link:https//www.codepudding.com/os/216718.html

Prev:excel data validation multiple selection within the same celle separated by comma
Next:changing transform.position never equal to transform.position transform.forward
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding