I am trying to connect angular 6 project with spring boot application. When I run angular project, it constantly gives this error, although I have installed all the dependencies and imports.
I have used following line of code in controller class.
@CrossOrigin(origins = "http://localhost:4200/", maxAge = 3600)
I have also included this SimpleCORSFilter.java file in java folder:
package com.oms;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
@Component
public class SimpleCORSFilter implements Filter {
private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);
public SimpleCORSFilter() {
log.info("SimpleCORSFilter init");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
Also I have created proxy.conf.json file in angular project:
{
"/api": {
"target": "http://localhost:8080",
"secure": false
}
}
This file is included like this in angular.json:
"start": "ng serve --proxy-config proxy.conf.json",
Still I am getting this error:
Access to XMLHttpRequest at 'http://localhost:8080/fetchAll' from origin 'http://localhost:4200' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.**
I referred such type of queries, but could not get the exact solution.
I am really confused, if there is any error in code? What steps should be taken to resolve this issue?
response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, X-Requested-With, remember-me")
. That, addAuthorization
to the value. The error message, “Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response” is exactly caused by the fact the code doesn’t includeAuthorization
in the value it’s setting for the Access-Control-Allow-Headers response header. – sideshowbarker