Add header changes on cors

This commit is contained in:
Paulo Gustavo Veiga 2022-03-06 21:10:45 -08:00
parent 5c201d40df
commit 297931508a
2 changed files with 21 additions and 3 deletions

View File

@ -3,10 +3,14 @@
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd"
>
<bean id="custom-firewall" class="org.springframework.security.web.firewall.StrictHttpFirewall">
<property name="allowSemicolon" value="true"/>
@ -43,6 +47,8 @@
</sec:http>
<sec:http use-expressions="true" pattern="/c/**/*">
<sec:cors configuration-source-ref="corsSource"/>
<sec:csrf request-matcher-ref="requestMatcher"/>
<sec:intercept-url pattern="/c/login" access="permitAll"/>
<sec:intercept-url pattern="/c/registration" access="hasRole('ANONYMOUS')"/>
@ -83,4 +89,16 @@
<property name="alwaysUseDefaultTargetUrl" value="false"/>
</bean>
<bean id="corsSource" class="org.springframework.web.cors.UrlBasedCorsConfigurationSource">
<property name="corsConfigurations">
<util:map>
<entry key="/c/**">
<bean class="org.springframework.web.cors.CorsConfiguration">
<property name="allowedOrigins"
value="https://app.wisemapping.com, https://static-app.wisemapping.com/"/>
</bean>
</entry>
</util:map>
</property>
</bean>
</beans>

View File

@ -23,7 +23,7 @@
</mvc:interceptors>
<mvc:cors>
<mvc:mapping path="/**"
<mvc:mapping path="/c/**"
allowed-origins="https://app.wisemapping.com, https://static-app.wisemapping.com/"/>
</mvc:cors>