5
votes

I am trying to integrate the angualar js app with the backend spring boot , in which i am facing the redirection is not allowed for a preflight request

This is deployed on openshift , i have configured to enabled cors by adding few annotation in the controller method , which helped me to solve the : Request doesnot have "Access-Control-Allow-Origin" header in the incoming request : CORS policy issue.

    @CrossOrigin(allowedHeaders = "*", origins = "*", exposedHeaders = 
        "Access-Control-Allow-Origin", methods = {
          RequestMethod.POST, RequestMethod.GET, RequestMethod.PUT, 
    RequestMethod.DELETE, RequestMethod.HEAD,
          RequestMethod.OPTIONS, RequestMethod.PATCH, RequestMethod.TRACE })
    @RestController
    public class Controller {

   @Autowired
   Service botService;

   @Autowired
   Environment env;

   @CrossOrigin()
   @RequestMapping(value = "/jwtToken", method = {
                 RequestMethod.POST }, produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
   @ResponseStatus(HttpStatus.OK)
   public ResponseEntity<UnifiedService> botConntor(                     
                 @RequestBody UnifiedInput input, HttpServletRequest request) {
          UnifiedBPMService output = botService.processBotRequest(input, request);
          return new ResponseEntity<UnifiedService>(output, HttpStatus.OK);
   }

The error which i get in the actual angular app is:

Access to XMLHttpRequest at 'http:///chatbot/api/jwtToken' from origin 'http://' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

The options call has returned the below respose :

    Request URL: http://<domain>/chatbot/api/jwtToken
    Request Method: OPTIONS
    Status Code: 302 Found
    Remote Address: 10.235.222.220:80
    Referrer Policy: no-referrer-when-downgrade
1
You can try adding @CrossOrigin(origins = { "*" }, maxAge = 4800, allowCredentials = "false") but origins should be * and remove exposed headersAhmad Qureshi
@AhmadQureshi : the suggested changes did not help to solve the problem. still i get the same errorKaMaL
can you try removing @CorsOrigin from the method levelAhmad Qureshi
@AhmadQureshi : removed, but still same issueKaMaL

1 Answers

1
votes

Your backend is redirecting (302) instead of sending a proper response (200) to the OPTIONS/preflight request. Check your backend logs to see why it is redirecting. It may be something like Spring security denying the OPTIONS request and redirecting to your login page.