Spring CORS

Code

Controller

@RequestMapping("/somePath")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public class SomeController {}
@RestController
@RequestMapping("/somePath")
public class SomeController {

    @CrossOrigin(origins="*")
    @DeleteMapping(value = "/{key}",method = RequestMethod.DELETE)
    public Object delete(@PathVariable String key) {}

}

Global

  @Bean
  public WebMvcConfigurer corsConfigurer() {
    return new WebMvcConfigurer() {
      @Override
      public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/greeting-javaconfig").allowedOrigins("http://localhost:8080");
      }
    };
  }
@Configuration
public class WebConfig implements WebMvcConfigurer {
  @Override
  public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**")
      .allowedOrigins("http://localhost:8080", "http://localhost:8090")
            .maxAge(3000);
  }
}

SpringSecurity

ref

What Else?