Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Bean
- public FilterRegistrationBean corsFilter() {
- CorsConfiguration config = new CorsConfiguration();
- config.addAllowedOrigin("https://example.com");
- config.addAllowedHeader("*");
- config.addAllowedMethod("GET");
- config.addAllowedMethod("PUT");
- config.addAllowedMethod("POST");
- config.addAllowedMethod("DELETE");
- config.addAllowedMethod("PATCH");
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- source.registerCorsConfiguration("/**", config);
- FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
- bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
- return bean;
- }
- server {
- ...
- location / {
- proxy_pass http://localhost:3000;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection 'upgrade';
- proxy_set_header Host $host;
- proxy_cache_bypass $http_upgrade;
- }
- location /api/v1/ {
- proxy_pass http://localhost:3001;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection 'upgrade';
- proxy_set_header Host $host;
- proxy_cache_bypass $http_upgrade;
- }
- ...
- }
- "$request" $status "$http_referer" "$http_user_agent"
- "OPTIONS /api/v1/oauth/token?grant_type=password&username=user%40example.com&password=****" 403 "https://www.example.com/login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36"
- "OPTIONS /api/v1/oauth/token?grant_type=password&username=user%40example.com&password=****" 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
- URL: https://example.com:3001/api/v1/oauth/token?grant_type=password&username=user%40example.com&password=****
- Method: POST
- Headers:
- Authorization: Basic XXXXXXXXXXX=
- Content-Type: application/x-www-form-urlencoded
- Body: undefined
- OPTIONS /api/v1/oauth/token?grant_type=password&username=user%40example.com&password=**** HTTP/1.1
- Host: https://example.com:3001
- Connection: keep-alive
- Access-Control-Request-Method: POST
- Origin: https://example.com:3000
- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
- Access-Control-Request-Headers: authorization
- Accept: */*
- Referer: https://example.com:3000/login
- Accept-Encoding: gzip, deflate
- Accept-Language: en-US,en;q=0.8,sv;q=0.6
- HTTP/1.1 200
- Access-Control-Allow-Origin: https://example.com:3000
- Vary: Origin
- Access-Control-Allow-Methods: GET,PUT,POST,DELETE,PATCH
- Access-Control-Allow-Headers: authorization
- Content-Length: 0
- Date: Tue, 03 Oct 2017 16:01:37 GMT
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement