CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource Spring Boot Rest...












0














Hi Everyone,
I am getting the error as shown in below error log details when an external client tries to consume my following api "http://host_details/processdocument" which is of type multipartformdata but other than this all other API works fine which are of type application/Json.
So kindly guide me to find out the mistake I am doing in CORS config.
The code and error details are as follows:



Error Log seen on browser:
Access to XMLHttpRequest at 'http://host_details/processdocument' from origin 'http://caller_host:4212' has been
blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.



I am using Spring Boot based application with following CORS Config:



1] CORS Config details:



@Component
public class SimpleCORSFilter implements Filter {

private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

public SimpleCORSFilter() {
log.info("SimpleCORSFilter init");
}

@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
log.info(request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "36000");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

chain.doFilter(req, res);
}

@Override
public void init(FilterConfig filterConfig) {
}

@Override
public void destroy() {
}

}


2] The Rest API Controller class:



@RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
private ResponseEntity<Map<String, Object>> processVisa(
@RequestPart(value = "file",required=true) MultipartFile file,
@RequestPart(value = "applicationId",required=true) String applicationId,
@RequestPart(value = "fileCategory",required=true) String fileCategory)
{
//// implemntation here

}


3] Request Header found in Console of API:



Now Multipart
Request URL:
http://host_detailas/processdocument
Request Method:
POST
Status Code:
500
Remote Address:
Remote_address_Url:82
Referrer Policy:
no-referrer-when-downgrade


Request Headers
Provisional headers are shown
Accept:
application/json, text/plain, */*
Content-Type:
multipart/form-data
Origin:
http://localhost:4222
Referer:
http://localhost:4222/
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
Request Payload
------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
Name

processdocument









share|improve this question





























    0














    Hi Everyone,
    I am getting the error as shown in below error log details when an external client tries to consume my following api "http://host_details/processdocument" which is of type multipartformdata but other than this all other API works fine which are of type application/Json.
    So kindly guide me to find out the mistake I am doing in CORS config.
    The code and error details are as follows:



    Error Log seen on browser:
    Access to XMLHttpRequest at 'http://host_details/processdocument' from origin 'http://caller_host:4212' has been
    blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.



    I am using Spring Boot based application with following CORS Config:



    1] CORS Config details:



    @Component
    public class SimpleCORSFilter implements Filter {

    private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

    public SimpleCORSFilter() {
    log.info("SimpleCORSFilter init");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    log.info(request.getHeader("Origin"));
    response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
    response.setHeader("Access-Control-Allow-Credentials", "true");
    response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
    response.setHeader("Access-Control-Max-Age", "36000");
    response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

    chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void destroy() {
    }

    }


    2] The Rest API Controller class:



    @RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
    private ResponseEntity<Map<String, Object>> processVisa(
    @RequestPart(value = "file",required=true) MultipartFile file,
    @RequestPart(value = "applicationId",required=true) String applicationId,
    @RequestPart(value = "fileCategory",required=true) String fileCategory)
    {
    //// implemntation here

    }


    3] Request Header found in Console of API:



    Now Multipart
    Request URL:
    http://host_detailas/processdocument
    Request Method:
    POST
    Status Code:
    500
    Remote Address:
    Remote_address_Url:82
    Referrer Policy:
    no-referrer-when-downgrade


    Request Headers
    Provisional headers are shown
    Accept:
    application/json, text/plain, */*
    Content-Type:
    multipart/form-data
    Origin:
    http://localhost:4222
    Referer:
    http://localhost:4222/
    User-Agent:
    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
    Request Payload
    ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
    Name

    processdocument









    share|improve this question



























      0












      0








      0







      Hi Everyone,
      I am getting the error as shown in below error log details when an external client tries to consume my following api "http://host_details/processdocument" which is of type multipartformdata but other than this all other API works fine which are of type application/Json.
      So kindly guide me to find out the mistake I am doing in CORS config.
      The code and error details are as follows:



      Error Log seen on browser:
      Access to XMLHttpRequest at 'http://host_details/processdocument' from origin 'http://caller_host:4212' has been
      blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.



      I am using Spring Boot based application with following CORS Config:



      1] CORS Config details:



      @Component
      public class SimpleCORSFilter implements Filter {

      private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

      public SimpleCORSFilter() {
      log.info("SimpleCORSFilter init");
      }

      @Override
      public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

      HttpServletRequest request = (HttpServletRequest) req;
      HttpServletResponse response = (HttpServletResponse) res;
      log.info(request.getHeader("Origin"));
      response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
      response.setHeader("Access-Control-Allow-Credentials", "true");
      response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
      response.setHeader("Access-Control-Max-Age", "36000");
      response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

      chain.doFilter(req, res);
      }

      @Override
      public void init(FilterConfig filterConfig) {
      }

      @Override
      public void destroy() {
      }

      }


      2] The Rest API Controller class:



      @RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
      private ResponseEntity<Map<String, Object>> processVisa(
      @RequestPart(value = "file",required=true) MultipartFile file,
      @RequestPart(value = "applicationId",required=true) String applicationId,
      @RequestPart(value = "fileCategory",required=true) String fileCategory)
      {
      //// implemntation here

      }


      3] Request Header found in Console of API:



      Now Multipart
      Request URL:
      http://host_detailas/processdocument
      Request Method:
      POST
      Status Code:
      500
      Remote Address:
      Remote_address_Url:82
      Referrer Policy:
      no-referrer-when-downgrade


      Request Headers
      Provisional headers are shown
      Accept:
      application/json, text/plain, */*
      Content-Type:
      multipart/form-data
      Origin:
      http://localhost:4222
      Referer:
      http://localhost:4222/
      User-Agent:
      Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
      Request Payload
      ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
      Name

      processdocument









      share|improve this question















      Hi Everyone,
      I am getting the error as shown in below error log details when an external client tries to consume my following api "http://host_details/processdocument" which is of type multipartformdata but other than this all other API works fine which are of type application/Json.
      So kindly guide me to find out the mistake I am doing in CORS config.
      The code and error details are as follows:



      Error Log seen on browser:
      Access to XMLHttpRequest at 'http://host_details/processdocument' from origin 'http://caller_host:4212' has been
      blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.



      I am using Spring Boot based application with following CORS Config:



      1] CORS Config details:



      @Component
      public class SimpleCORSFilter implements Filter {

      private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

      public SimpleCORSFilter() {
      log.info("SimpleCORSFilter init");
      }

      @Override
      public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

      HttpServletRequest request = (HttpServletRequest) req;
      HttpServletResponse response = (HttpServletResponse) res;
      log.info(request.getHeader("Origin"));
      response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
      response.setHeader("Access-Control-Allow-Credentials", "true");
      response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
      response.setHeader("Access-Control-Max-Age", "36000");
      response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

      chain.doFilter(req, res);
      }

      @Override
      public void init(FilterConfig filterConfig) {
      }

      @Override
      public void destroy() {
      }

      }


      2] The Rest API Controller class:



      @RequestMapping(value=URLConstants.PROCESS_FILE_FOR_OCR,method=RequestMethod.POST,headers = {"content-type=multipart/mixed","content-type=multipart/form-data"})
      private ResponseEntity<Map<String, Object>> processVisa(
      @RequestPart(value = "file",required=true) MultipartFile file,
      @RequestPart(value = "applicationId",required=true) String applicationId,
      @RequestPart(value = "fileCategory",required=true) String fileCategory)
      {
      //// implemntation here

      }


      3] Request Header found in Console of API:



      Now Multipart
      Request URL:
      http://host_detailas/processdocument
      Request Method:
      POST
      Status Code:
      500
      Remote Address:
      Remote_address_Url:82
      Referrer Policy:
      no-referrer-when-downgrade


      Request Headers
      Provisional headers are shown
      Accept:
      application/json, text/plain, */*
      Content-Type:
      multipart/form-data
      Origin:
      http://localhost:4222
      Referer:
      http://localhost:4222/
      User-Agent:
      Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/URL Safari/537.36
      Request Payload
      ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="file"; filename="aadharcard.jpg" Content-Type: image/jpeg ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="EmiratesId" Passport ------WebKitFormBoundaryCljOAWzb4HGBWil4 Content-Disposition: form-data; name="applicationId" 123 ------WebKitFormBoundaryCljOAWzb4HGBWil4--
      Name

      processdocument






      java spring-boot cors






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 23 '18 at 9:33

























      asked Nov 23 '18 at 7:33









      srikanth r

      161111




      161111
























          1 Answer
          1






          active

          oldest

          votes


















          0














          that is the cors option method problem. you need to grant access option method try this on security



          public class CustomSecurity extends WebSecurityConfigurerAdapter{
          @Override
          protected void configure(HttpSecurity http) throws Exception {

          http.csrf()
          .disable()
          .authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....

          }
          }





          share|improve this answer





















          • Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
            – srikanth r
            Nov 23 '18 at 10:56













          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53442381%2fcors-policy-no-access-control-allow-origin-header-is-present-on-the-requested%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          that is the cors option method problem. you need to grant access option method try this on security



          public class CustomSecurity extends WebSecurityConfigurerAdapter{
          @Override
          protected void configure(HttpSecurity http) throws Exception {

          http.csrf()
          .disable()
          .authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....

          }
          }





          share|improve this answer





















          • Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
            – srikanth r
            Nov 23 '18 at 10:56


















          0














          that is the cors option method problem. you need to grant access option method try this on security



          public class CustomSecurity extends WebSecurityConfigurerAdapter{
          @Override
          protected void configure(HttpSecurity http) throws Exception {

          http.csrf()
          .disable()
          .authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....

          }
          }





          share|improve this answer





















          • Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
            – srikanth r
            Nov 23 '18 at 10:56
















          0












          0








          0






          that is the cors option method problem. you need to grant access option method try this on security



          public class CustomSecurity extends WebSecurityConfigurerAdapter{
          @Override
          protected void configure(HttpSecurity http) throws Exception {

          http.csrf()
          .disable()
          .authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....

          }
          }





          share|improve this answer












          that is the cors option method problem. you need to grant access option method try this on security



          public class CustomSecurity extends WebSecurityConfigurerAdapter{
          @Override
          protected void configure(HttpSecurity http) throws Exception {

          http.csrf()
          .disable()
          .authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() ....

          }
          }






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 23 '18 at 10:29









          Himesh goswami

          638316




          638316












          • Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
            – srikanth r
            Nov 23 '18 at 10:56




















          • Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
            – srikanth r
            Nov 23 '18 at 10:56


















          Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
          – srikanth r
          Nov 23 '18 at 10:56






          Hi Himesh, Thanks for your feedback I dont have any security implementation right now so is it required to override above method for the scenario?
          – srikanth r
          Nov 23 '18 at 10:56




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53442381%2fcors-policy-no-access-control-allow-origin-header-is-present-on-the-requested%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          What visual should I use to simply compare current year value vs last year in Power BI desktop

          How to ignore python UserWarning in pytest?

          Alexandru Averescu