How to enable CORS in Jhipster

By default CORS is disabled in prod mode and enabled in dev mode.

CORS can be enabled for Prod mode by setting jhipster.cors configuration in application-prod.yml file.

jhipster:
cors:
# Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
allowed-origins: ‘http://localhost:8100,http://localhost:9000'
allowed-methods: ‘*’
allowed-headers: ‘*’
exposed-headers: ‘Authorization,Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params’
allow-credentials: true
max-age: 1800

In above example CORS is enabled for url http://localhost:8100 and http://localhost:9000.

This configuration is loaded by JHipster Properties and used in WebConfigurer.java to apply the CORS configuration. By default similar configuration already exisit in application-dev.yml file.

If you want to enable CORS for additional server you can do by modifying -

allowed-origins: 'http://localhost:8100,http://localhost:9000, http://localhost:3000'

--

--

System Administrator and Full stack web developer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store