Skip to content

Commit

Permalink
Added: Allow required headers
Browse files Browse the repository at this point in the history
  • Loading branch information
djuarezgf committed Feb 8, 2024
1 parent 621a781 commit 33097d1
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,3 +94,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
- New email if authentication script for DataSHIELD has changed
- Explorer URL in CORS
- Oauth2 Resource Server configuration
- Allow required headers
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList(frontendConfiguration.getBaseUrl(), explorerUrl));
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "OPTIONS"));
//configuration.setAllowedHeaders(Arrays.asList("Origin", "Content-Type", "Accept", "Authorization")); // Allow required headers
configuration.setAllowedHeaders(Arrays.asList("Origin", "Content-Type", "Accept", "Authorization")); // Allow required headers
configuration.setAllowCredentials(true); // Allow credentials
configuration.setExposedHeaders(Arrays.asList(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)); // Expose required headers
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
Expand Down

0 comments on commit 33097d1

Please sign in to comment.