SZUT/casino
5
1
Fork 0
Code Issues Pull requests 1 Releases 64 Wiki Activity Actions

fix(cors): restrict allowed headers in CORS configuration

Browse source
This commit is contained in:
Jan K9f 2025-04-04 19:50:59 +02:00
parent 404a518be0
commit 06d418615c
Signed by: jank
GPG key ID: B9F475106B20F144
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
backend/src/main/java/de/szut/casino/config/CorsConfig.java
View file

@ -11,7 +11,7 @@ public class CorsConfig implements WebMvcConfigurer {
registry.addMapping("/**")
.allowedOrigins("http://localhost:4200", "http://192.168.176.120:4200")
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.allowedHeaders("*")
.allowedHeaders("Origin", "Content-Type", "Accept", "Authorization", "X-Requested-With")
.allowCredentials(true)
.maxAge(3600);
}