I am using Spring Boot to serve a simple REST controller with an Angular app. I configured a global CORS policy:
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("*")
.allowedMethods("GET", "PUT", "POST", "PATCH", "OPTIONS");
}
};
}
Now this works fine when using plain HTTP, however if I configure TLS in the application.properties
like this:
server.port=8443
server.ssl.key-store=src/main/resources/keystore.p12
server.ssl.key-store-password=password
server.ssl.key-store-type=PKCS12
The requests are blocked. The angular console shows me, that the CORS failed.
Why does it fail when calling https://localhost:8443/test but succeeds when calling http://localhost:8080/test and no TLS configured?
I read the complete documentation.
Update
Here is the error message that the console logs:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://localhost:8443/test. (Reason: CORS request did not succeed).
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…