Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CORS not work in springboot gateway 4.1.5 #3593

Open
masalinas opened this issue Nov 13, 2024 · 1 comment
Open

CORS not work in springboot gateway 4.1.5 #3593

masalinas opened this issue Nov 13, 2024 · 1 comment
Labels
waiting-for-triage

Comments

@masalinas
Copy link

masalinas commented Nov 13, 2024
edited
Loading

Describe the bug
I checked two configuration options without success:

  • First Option: global cors configuration
server: 
  port: 8080

management:
  endpoint:
    health:
      probes:
        enabled: true

spring:
  servlet:
    multipart:
      max-file-size: 500MB
      max-request-size: 500MB
  application:
    name: uniovi-avib-morphingprojections-gateway
  cloud:
    gateway:
      globalcors:
        add-to-simple-url-handler-mapping: true        
        cors-configurations:
          '[/**]':
            allowedOrigins: "http://localhost:4200"
            allowedMethods: "*"
            allowedHeaders: "*"
            allowCredentials: true
      routes:
        - id: BACKEND_USER
          uri: http://localhost:8082
          predicates:
            - Path=/users/**
        - id: BACKEND_ORGANIZATION
          uri: http://localhost:8082
          predicates:
            - Path=/organizations/**
        - id: BACKEND_PROJECT
          uri: http://localhost:8082
          predicates:
            - Path=/projects/**
        - id: BACKEND_CASE
          uri: http://localhost:8082
          predicates:
            - Path=/cases/**
        - id: BACKEND_ANNOTATION
          uri: http://localhost:8081
          predicates:
            - Path=/annotations/**
        - id: BACKEND_IMAGE
          uri: http://localhost:8082
          predicates:
            - Path=/images/**
        - id: BACKEND_RESOURCE
          uri: http://localhost:8082
          predicates:
            - Path=/resources/**
        - id: BACKEND_PROJECTION
          uri: http://localhost:8083
          predicates:
            - Path=/projections/**
        - id: BACKEND_JOB
          uri: http://localhost:8084
          predicates:
            - Path=/jobs/**
        - id: BACKEND_ANALYTICS
          uri: http://localhost:5000
          predicates:
            - Path=/analytics/**
  • Second Option: local cors configuration from each route
server: 
  port: 8080

management:
  endpoint:
    health:
      probes:
        enabled: true

spring:
  servlet:
    multipart:
      max-file-size: 500MB
      max-request-size: 500MB
  application:
    name: uniovi-avib-morphingprojections-gateway
  cloud:
    gateway:
      routes:
        - id: BACKEND_USER
          uri: http://localhost:8082
          predicates:
            - Path=/users/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true
        - id: BACKEND_ORGANIZATION
          uri: http://localhost:8082
          predicates:
            - Path=/organizations/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_PROJECT
          uri: http://localhost:8082
          predicates:
            - Path=/projects/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_CASE
          uri: http://localhost:8082
          predicates:
            - Path=/cases/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_ANNOTATION
          uri: http://localhost:8081
          predicates:
            - Path=/annotations/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_IMAGE
          uri: http://localhost:8082
          predicates:
            - Path=/images/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_RESOURCE
          uri: http://localhost:8082
          predicates:
            - Path=/resources/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_PROJECTION
          uri: http://localhost:8083
          predicates:
            - Path=/projections/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_JOB
          uri: http://localhost:8084
          predicates:
            - Path=/jobs/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true            
        - id: BACKEND_ANALYTICS
          uri: http://localhost:5000
          predicates:
            - Path=/analytics/**
          metadata:
            cors:
              allowedOrigins: "http://localhost:4200"
              allowedMethods: "*"
              allowedHeaders: "*"
              allowCredentials: true

Sample
The results when try to acces to any url from my angular app is the same usinf both options:

The 'Access to XMLHttpRequest at 'http://localhost:8080/users/[email protected]/email' from origin 'http://localhost:4200' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:4200, *', but only one is allowed', but only one is allowed

NOTE:
@kulturman
Copy link

@masalinas Did you solve the issue? I am also struggling with it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
waiting-for-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@masalinas @kulturman