Add Dynamic CORS Configuration for Spring Boot Application

[faizakram]

Dynamic CORS Configuration for Spring Boot Application

This project implements a dynamic and configurable CORS (Cross-Origin Resource Sharing) policy in a Spring Boot application. The configuration allows flexibility to define allowedOrigins through externalized application properties and supports various HTTP methods, headers, and credentials.

---

Features

1. Dynamic CORS Endpoints

   • CORS origins are dynamically read from the spring.web.allow.cors property in the application's configuration files (e.g., application.yml or application.properties).

2. Supported HTTP Methods

   • GET, POST, PUT, PATCH, DELETE, OPTIONS

3. Credential Support

   • CORS configuration allows cross-origin credentials, such as cookies or authentication headers, to be shared between client and server.

4. Custom Headers

   • Allows all headers (*) by default for flexibility, with the option to specify necessary headers explicitly.

5. Environment-Specific Configurations

   • Different environments (e.g., development, production) can use separate configurations for better security and flexibility.

6. Max Cache Age

   • Preflight requests are cached for 3600 seconds (1 hour).

---

Configuration

Application Properties

Define the allowed origins in application.properties or application.yml:

spring.web.allow.cors=http://localhost:3000,http://localhost:4200