diff --git a/src/main/java/com/faf223/expensetrackerfaf/config/CorsFilter.java b/src/main/java/com/faf223/expensetrackerfaf/config/CorsFilter.java index 8c61939..ed23357 100644 --- a/src/main/java/com/faf223/expensetrackerfaf/config/CorsFilter.java +++ b/src/main/java/com/faf223/expensetrackerfaf/config/CorsFilter.java @@ -17,21 +17,20 @@ public class CorsFilter implements Filter { public void destroy() { } + @Override - public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) - throws IOException, ServletException { - HttpServletResponse response = (HttpServletResponse) res; - HttpServletRequest request = (HttpServletRequest) req; - - response.setHeader("Access-Control-Allow-Origin", "http://localhost:5173"); - response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE"); - response.setHeader("Access-Control-Max-Age", "3600"); - response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, X-Auth-Token"); + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Credentials", "true"); - - if (!"OPTIONS".equalsIgnoreCase(request.getMethod())) { - chain.doFilter(req, res); + response.setHeader("Access-Control-Allow-Methods", "POST, GET, HEAD, OPTIONS"); + response.setHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"); + if ("OPTIONS".equalsIgnoreCase(((HttpServletRequest) servletRequest).getMethod())) { + response.setStatus(HttpServletResponse.SC_OK); + } else { + filterChain.doFilter(servletRequest, response); } + } @Override