Invalid CORS request for post call?










0















Request URL: ******
Request Method: OPTIONS
Status Code: 403 
Remote Address: ****
Referrer Policy: no-referrer-when-downgrade


For the post call browser showing it as OPTIONS.



The following is the server code:



@Bean
public WebMvcConfigurer corsConfigurer() 
 return new WebMvcConfigurerAdapter() 
 @Override
 public void addCorsMappings(CorsRegistry registry) 
 System.out.println("onboard cors");

 registry.addMapping("/**").allowedMethods("GET", "PUT", "POST", "DELETE", "OPTIONS").allowedOrigins("*").allowedHeaders("*");
 
 ;



The above code is working fine when I directly call the respective service.



But getting 'invalid cors request' error by calling the service through zuul api gateway.



Any suggestions plz?






java spring spring-boot netflix-zuul







share|improve this question
























  • It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

    – Mohamed EL AYADI
    Nov 14 '18 at 11:49











  • Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

    – Karthik P
    Nov 14 '18 at 13:47











  • The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

    – Karthik P
    Nov 14 '18 at 14:28











  • Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

    – Mohamed EL AYADI
    Nov 15 '18 at 9:27















0















Request URL: ******
Request Method: OPTIONS
Status Code: 403 
Remote Address: ****
Referrer Policy: no-referrer-when-downgrade


For the post call browser showing it as OPTIONS.



The following is the server code:



@Bean
public WebMvcConfigurer corsConfigurer() 
 return new WebMvcConfigurerAdapter() 
 @Override
 public void addCorsMappings(CorsRegistry registry) 
 System.out.println("onboard cors");

 registry.addMapping("/**").allowedMethods("GET", "PUT", "POST", "DELETE", "OPTIONS").allowedOrigins("*").allowedHeaders("*");
 
 ;



The above code is working fine when I directly call the respective service.



But getting 'invalid cors request' error by calling the service through zuul api gateway.



Any suggestions plz?






java spring spring-boot netflix-zuul







share|improve this question
























  • It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

    – Mohamed EL AYADI
    Nov 14 '18 at 11:49











  • Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

    – Karthik P
    Nov 14 '18 at 13:47











  • The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

    – Karthik P
    Nov 14 '18 at 14:28











  • Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

    – Mohamed EL AYADI
    Nov 15 '18 at 9:27













0












0








0








Request URL: ******
Request Method: OPTIONS
Status Code: 403 
Remote Address: ****
Referrer Policy: no-referrer-when-downgrade


For the post call browser showing it as OPTIONS.



The following is the server code:



@Bean
public WebMvcConfigurer corsConfigurer() 
 return new WebMvcConfigurerAdapter() 
 @Override
 public void addCorsMappings(CorsRegistry registry) 
 System.out.println("onboard cors");

 registry.addMapping("/**").allowedMethods("GET", "PUT", "POST", "DELETE", "OPTIONS").allowedOrigins("*").allowedHeaders("*");
 
 ;



The above code is working fine when I directly call the respective service.



But getting 'invalid cors request' error by calling the service through zuul api gateway.



Any suggestions plz?






java spring spring-boot netflix-zuul







share|improve this question
















Request URL: ******
Request Method: OPTIONS
Status Code: 403 
Remote Address: ****
Referrer Policy: no-referrer-when-downgrade


For the post call browser showing it as OPTIONS.



The following is the server code:



@Bean
public WebMvcConfigurer corsConfigurer() 
 return new WebMvcConfigurerAdapter() 
 @Override
 public void addCorsMappings(CorsRegistry registry) 
 System.out.println("onboard cors");

 registry.addMapping("/**").allowedMethods("GET", "PUT", "POST", "DELETE", "OPTIONS").allowedOrigins("*").allowedHeaders("*");
 
 ;



The above code is working fine when I directly call the respective service.



But getting 'invalid cors request' error by calling the service through zuul api gateway.



Any suggestions plz?






java spring spring-boot netflix-zuul




java spring spring-boot netflix-zuul






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 14 '18 at 14:30







Karthik P

















asked Nov 14 '18 at 11:10









Karthik PKarthik P

336




336












  • It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

    – Mohamed EL AYADI
    Nov 14 '18 at 11:49











  • Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

    – Karthik P
    Nov 14 '18 at 13:47











  • The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

    – Karthik P
    Nov 14 '18 at 14:28











  • Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

    – Mohamed EL AYADI
    Nov 15 '18 at 9:27

















  • It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

    – Mohamed EL AYADI
    Nov 14 '18 at 11:49











  • Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

    – Karthik P
    Nov 14 '18 at 13:47











  • The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

    – Karthik P
    Nov 14 '18 at 14:28











  • Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

    – Mohamed EL AYADI
    Nov 15 '18 at 9:27
















It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

– Mohamed EL AYADI
Nov 14 '18 at 11:49





It's the preflight check by the browser, and to get ride of it you must implement crossorigin, I simply added CrossOrigin annotation in my controllers and worked. If you have spring security in your project, the configuration you added isn't enough.

– Mohamed EL AYADI
Nov 14 '18 at 11:49













Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

– Karthik P
Nov 14 '18 at 13:47





Hi Mohamed, I tried the above method but didnt work. I tried 3 ways 1. Global CORS 2. Controller level 3. Method level

– Karthik P
Nov 14 '18 at 13:47













The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

– Karthik P
Nov 14 '18 at 14:28





The above code working but we are using zuul api gateway, by calling the post call through zuul api gateway is not working. By calling the respective service directly it is working fine.

– Karthik P
Nov 14 '18 at 14:28













Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

– Mohamed EL AYADI
Nov 15 '18 at 9:27





Sorry to hear that, but i think you must have mentionned that the problem is at zuul level not the microservice itself. Good luck

– Mohamed EL AYADI
Nov 15 '18 at 9:27












2 Answers
2






active

oldest

votes


















1














Your browser first checks if POST method is safe to send to the endpoint and if yes then does POST request. You should provide permissions to OPTIONS method and respond it with Allow: GET, HEAD, POST and all should be okay. I faced that problem while working with Python, so it's all about CORS and does not depend on platform.



See more information about it here






share|improve this answer
































    0














    The following solution worked for me.



    Add the below code in zuul project:



    @Bean
    public FilterRegistrationBean corsFilter() 
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     CorsConfiguration config = new CorsConfiguration();
     config.setAllowCredentials(true);
     config.addAllowedOrigin("*");
     config.addAllowedHeader("*");
     config.addAllowedMethod("*");
     source.registerCorsConfiguration("/**", config);
     FilterRegistrationBean bean = new FilterRegistrationBean(new org.springframework.web.filter.CorsFilter(source));
     bean.setOrder(0);
     return bean;



    Adding corsfilter code in all microservices is not required.



    Reference: https://stackoverflow.com/a/46277194/4132466






    share|improve this answer






















      Your Answer






      StackExchange.ifUsing("editor", function ()
      StackExchange.using("externalEditor", function ()
      StackExchange.using("snippets", function ()
      StackExchange.snippets.init();
      );
      );
      , "code-snippets");

      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "1"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53298839%2finvalid-cors-request-for-post-call%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      1














      Your browser first checks if POST method is safe to send to the endpoint and if yes then does POST request. You should provide permissions to OPTIONS method and respond it with Allow: GET, HEAD, POST and all should be okay. I faced that problem while working with Python, so it's all about CORS and does not depend on platform.



      See more information about it here






      share|improve this answer





























        1














        Your browser first checks if POST method is safe to send to the endpoint and if yes then does POST request. You should provide permissions to OPTIONS method and respond it with Allow: GET, HEAD, POST and all should be okay. I faced that problem while working with Python, so it's all about CORS and does not depend on platform.



        See more information about it here






        share|improve this answer



























          1












          1








          1







          Your browser first checks if POST method is safe to send to the endpoint and if yes then does POST request. You should provide permissions to OPTIONS method and respond it with Allow: GET, HEAD, POST and all should be okay. I faced that problem while working with Python, so it's all about CORS and does not depend on platform.



          See more information about it here






          share|improve this answer















          Your browser first checks if POST method is safe to send to the endpoint and if yes then does POST request. You should provide permissions to OPTIONS method and respond it with Allow: GET, HEAD, POST and all should be okay. I faced that problem while working with Python, so it's all about CORS and does not depend on platform.



          See more information about it here







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 14 '18 at 12:05

























          answered Nov 14 '18 at 11:45









          barbarianbarbarian

          307416




          307416























              0














              The following solution worked for me.



              Add the below code in zuul project:



              @Bean
              public FilterRegistrationBean corsFilter() 
               UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
               CorsConfiguration config = new CorsConfiguration();
               config.setAllowCredentials(true);
               config.addAllowedOrigin("*");
               config.addAllowedHeader("*");
               config.addAllowedMethod("*");
               source.registerCorsConfiguration("/**", config);
               FilterRegistrationBean bean = new FilterRegistrationBean(new org.springframework.web.filter.CorsFilter(source));
               bean.setOrder(0);
               return bean;



              Adding corsfilter code in all microservices is not required.



              Reference: https://stackoverflow.com/a/46277194/4132466






              share|improve this answer



























                0














                The following solution worked for me.



                Add the below code in zuul project:



                @Bean
                public FilterRegistrationBean corsFilter() 
                 UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                 CorsConfiguration config = new CorsConfiguration();
                 config.setAllowCredentials(true);
                 config.addAllowedOrigin("*");
                 config.addAllowedHeader("*");
                 config.addAllowedMethod("*");
                 source.registerCorsConfiguration("/**", config);
                 FilterRegistrationBean bean = new FilterRegistrationBean(new org.springframework.web.filter.CorsFilter(source));
                 bean.setOrder(0);
                 return bean;



                Adding corsfilter code in all microservices is not required.



                Reference: https://stackoverflow.com/a/46277194/4132466






                share|improve this answer

























                  0












                  0








                  0







                  The following solution worked for me.



                  Add the below code in zuul project:



                  @Bean
                  public FilterRegistrationBean corsFilter() 
                   UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                   CorsConfiguration config = new CorsConfiguration();
                   config.setAllowCredentials(true);
                   config.addAllowedOrigin("*");
                   config.addAllowedHeader("*");
                   config.addAllowedMethod("*");
                   source.registerCorsConfiguration("/**", config);
                   FilterRegistrationBean bean = new FilterRegistrationBean(new org.springframework.web.filter.CorsFilter(source));
                   bean.setOrder(0);
                   return bean;



                  Adding corsfilter code in all microservices is not required.



                  Reference: https://stackoverflow.com/a/46277194/4132466






                  share|improve this answer













                  The following solution worked for me.



                  Add the below code in zuul project:



                  @Bean
                  public FilterRegistrationBean corsFilter() 
                   UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                   CorsConfiguration config = new CorsConfiguration();
                   config.setAllowCredentials(true);
                   config.addAllowedOrigin("*");
                   config.addAllowedHeader("*");
                   config.addAllowedMethod("*");
                   source.registerCorsConfiguration("/**", config);
                   FilterRegistrationBean bean = new FilterRegistrationBean(new org.springframework.web.filter.CorsFilter(source));
                   bean.setOrder(0);
                   return bean;



                  Adding corsfilter code in all microservices is not required.



                  Reference: https://stackoverflow.com/a/46277194/4132466







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Nov 14 '18 at 14:47









                  Karthik PKarthik P

                  336




                  336



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53298839%2finvalid-cors-request-for-post-call%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      這個網誌中的熱門文章

                      Barbados

                      圖片
                      For other uses, see Barbados (disambiguation). Not to be confused with Barbuda. Coordinates: 13°10′N 59°33′W  /  13.167°N 59.550°W  / 13.167; -59.550 Barbados Flag Coat of arms Motto:  "Pride and Industry" Anthem:  In Plenty and In Time of Need Capital and largest city Bridgetown 13°06′N 59°37′W  /  13.100°N 59.617°W  / 13.100; -59.617 Official languages English Recognised regional languages Bajan Creole Ethnic groups (est. 2010 [1] ) 92.4% black 3.1% multiracial 2.7% white 1.3% East Indian 0.5% other/unspecified Religion 75.6% Christian 2.5% other 20.6% none 1.2% unspecified [1] Demonym(s) Barbadian Bajan (colloquial) Government Unitary parliamentary constitutional monarchy • Monarch Elizabeth II •  Governor-General Dame Sandra Mason • Prime Minister Mia Mottley Legislature Parliament • Upper house Senate • Lower house House of Assembly Independence • From the United Kingdom 30 November 1966 Area • Total 439 km 2 (169 sq mi) (183rd) • Water (%) Negligib
                      閱讀完整內容

                      How to read a connectionString WITH PROVIDER in .NET Core?

                      圖片
                      6 I added .AddJsonFile("Connections.json", optional: true, reloadOnChange: true) in public Startup(IHostingEnvironment env) Connections.json contains: "ConnectionStrings": "DefaultConnection": "Server=(localdb)\mssqllocaldb;Database=DATABASE;Trusted_Connection=True;MultipleActiveResultSets=true", "COR-W81-101": "Data Source=DATASOURCE;Initial Catalog=P61_CAFM_Basic;User Id=USERID;Password=PASSWORD;Persist Security Info=False;MultipleActiveResultSets=False;Packet Size=4096;", "COR-W81-100": "Data Source=DATASOURCE;Initial Catalog=Post_PS;User Id=USERID;Password=PASSWORD;Persist Security Info=False;MultipleActiveResultSets=False;Packet Size=4096;", "MSEDGEWIN10": "Data Source=DATASOURCE; Initial Catalog=COR_Basic; Persist Security Info=False;Integrated Security=true;MultipleActiveResultSets=False;Packet Size=4096;Application Name="COR_Basic"", "server&qu
                      閱讀完整內容

                      Node.js Script on GitHub Pages or Amazon S3

                      圖片
                      0 I'm wondering if I can run a Node.js script in my Jekyll page from GitHub Pages or Amazon S3? I think it can't run on GitHub Pages since it doesn't support server side code. Not too sure. The code is below: var Airtable = require('airtable'); var base = new Airtable(apiKey: 'YOUR_API_KEY').base('appAnZVyYqusNPV5Q'); base('Invitee list').select( // Selecting the first 3 records in Complete list: maxRecords: 3, view: "Complete list" ).eachPage(function page(records, fetchNextPage) // This function (`page`) will get called for each page of records. records.forEach(function(record) console.log('Retrieved', record.get('Email')); ); // To fetch the next page of records, call `fetchNextPage`. // If there are more records, `page` will get called again. // If there are no more records, `done` will get called. fetchNextPage(); , function done(err) if (err) console.error(err); return; ); node.js
                      閱讀完整內容