avatic/lcc_tool
avatic/lcc_tool
1
0
Fork 0
Code Issues 31 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Updated CORS configuration to handle empty allowed origins and added placeholder property.

Browse source
This commit is contained in:
Jan 2025-10-30 14:25:09 +01:00
parent c02a716ecc
commit e1791942cb
2 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/main/java/de/avatic/lcc/config/SecurityConfig.java
View file

@ -2,8 +2,8 @@ package de.avatic.lcc.config;
import de.avatic.lcc.model.db.users.User;
import de.avatic.lcc.repositories.users.GroupRepository;
import de.avatic.lcc.service.apps.JwtTokenService;
import de.avatic.lcc.repositories.users.UserRepository;
import de.avatic.lcc.service.apps.JwtTokenService;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
@ -128,7 +128,9 @@ public class SecurityConfig {
origins[i] = origins[i].trim();
}
if (origins.length != 0) {
configuration.setAllowedOrigins(Arrays.asList(origins));
}
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
configuration.setAllowedHeaders(List.of("*"));
configuration.setAllowCredentials(true);

2
src/main/resources/application.properties
View file

@ -21,3 +21,5 @@ spring.flyway.enabled=true
spring.flyway.locations=classpath:db/migration
spring.flyway.baseline-on-migrate=true
spring.sql.init.mode=never
lcc.allowed_cors=