Let’s make CORS work for you.

Cross-origin resource sharing (CORS) is a mechanism that controls the AJAX calls to your resources outside the current origin. In some cases, you need to allow some origins to make these kinds of calls. For example, if you have a SAAS based product, there will be some clients who are connecting to your API and making AJAX calls.

In Spring, there are several ways to check the origin, method, headers, etc., of incoming requests.

You can use WebSecurityConfigurerAdapter in Spring Security, and WebMvcConfigurer, @CrossOrigin annotation, CorsFilter in Spring MVC.

We are providing a SaaS-based payment and wallet application. We’re serving our payment page via JavaScript, and so many CORS requests come from our clients. In our case, we needed to change allowed origins dynamically because some merchants may be added, deleted, or updated.

Our tech stack in this project consists of Spring Boot, Spring Cloud, Netflix OSS, and our gateway is Netflix Zuul.

#java #tutorial #spring #runtime #cors #customizing cors filtering at runtime