From a9a9ae4bbc979507abba5c16206e352ee3df6e24 Mon Sep 17 00:00:00 2001
From: samnyan <205-NeumPhis@users.noreply.dev.s-ul.eu>
Date: Thu, 16 Jan 2020 20:27:24 +0900
Subject: [PATCH] Add the CORS header to the release version which I forgot

---
 .../aqua/security/config/SecurityConfig.java   | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/main/java/icu/samnyan/aqua/security/config/SecurityConfig.java b/src/main/java/icu/samnyan/aqua/security/config/SecurityConfig.java
index 669b5b4..fe8410c 100644
--- a/src/main/java/icu/samnyan/aqua/security/config/SecurityConfig.java
+++ b/src/main/java/icu/samnyan/aqua/security/config/SecurityConfig.java
@@ -1,9 +1,15 @@
 package icu.samnyan.aqua.security.config;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
 
 /**
  * @author samnyan (privateamusement@protonmail.com)
@@ -12,10 +18,22 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 @EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+    @Bean
+    CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowedOrigins(Arrays.asList("*"));
+        config.setAllowedHeaders(Arrays.asList("*"));
+        config.setAllowedMethods(Arrays.asList("GET", "PUT", "POST", "DELETE", "OPTIONS"));
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/api/**", config);
+        return source;
+    }
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http
                 .headers().disable()
+                .cors().and()
                 .csrf().disable()
                 .authorizeRequests()
                 .anyRequest().permitAll();