Cross-Origin Resource Sharing (CORS) is a mechanism that enables multiple resources (i.e., web pages) on a web server to be requested from a different domain outside the domain from which the resource originated. Here are the bullet points that describe CORS in Spring Boot:
- Cross-origin request: Requests made from a web page hosted on one domain to another domain are considered as cross-origin requests.
- CORS header: The server responds to such requests with CORS header which specifies which origins are allowed to access the resources.
- Preflight requests: Browsers send preflight requests before making actual requests to check the server’s policy for the type of request being made.
- Server configuration: CORS can be enabled in the server by setting up the appropriate response headers. In Spring Boot, this can be achieved through configuration in the application.properties or application.yml file.
- @CrossOrigin annotation: The @CrossOrigin annotation can be used to specify CORS configurations for a specific controller or endpoint in Spring Boot.
- Global CORS configuration: Global CORS configuration can be set up using a WebMvcConfigurer bean in the configuration class.
- Customizing CORS policy: The CORS policy can be customized to allow requests from specific domains, methods, or headers.
- CORS security: CORS can have security implications, so it is important to understand the risks and limitations when enabling CORS in a Spring Boot application.
Here is a complete example of a Car REST API application with CORS support using Spring Boot:
- Car Entity Class:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
typescriptCopy code<code>package com.example.demo.entity; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; @Entity public class Car { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private Long id; private String make; private String model; private Integer year; public Car() {} public Car(String make, String model, Integer year) { this.make = make; this.model = model; this.year = year; } public Long getId() { return id; } public void setId(Long id) { this.id = id; } public String getMake() { return make; } public void setMake(String make) { this.make = make; } public String getModel() { return model; } public void setModel(String model) { this.model = model; } public Integer getYear() { return year; } public void setYear(Integer year) { this.year = year; } } |
- Car Repository Interface:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
kotlinCopy code<code>package com.example.demo.repository; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; import com.example.demo.entity.Car; @Repository public interface CarRepository extends JpaRepository<Car, Long> { } |
- Car Service Interface:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
javaCopy code<code>package com.example.demo.service; import java.util.List; import com.example.demo.entity.Car; public interface CarService { List<Car> getAllCars(); Car getCarById(Long id); Car addCar(Car car); void deleteCar(Long id); } |
- Car Service Implementation:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
package com.example.demo.service; import java.util.List; import java.util.Optional; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.example.demo.entity.Car; import com.example.demo.repository.CarRepository; @Service public class CarServiceImpl implements CarService { @Autowired CarRepository carRepository; @Override public Car saveCar(Car car) { return carRepository.save(car); } @Override public List<Car> fetchCarsList() { return carRepository.findAll(); } @Override public Optional<Car> getCarByID(Long id) { return carRepository.findById(id); } @Override public void deleteCar(Long id) { carRepository.deleteById(id); } } |
Here is the code for the CarController class:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
kotlinCopy code<code>package com.example.demo.controller; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import com.example.demo.entity.Car; import com.example.demo.service.CarService; @RestController public class CarController { @Autowired CarService carService; @GetMapping("/cars") public List<Car> getCars(){ return carService.getCars(); } @PostMapping("/cars") public Car addCar(@RequestBody Car car){ return carService.addCar(car); } } |
This controller class has two endpoints: /cars (GET) and /cars (POST). The GET endpoint returns a list of all cars, while the POST endpoint accepts a Car object in the request body and adds it to the list of cars.
Both endpoints use the CarService to perform their respective operations. The CarService is autowired so that we can use its methods in this class.
Here is the Spring Boot application class for the car CORS example:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
typescriptCopy code<code>package com.example.demo; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class DemoApplication { public static void main(String[] args) { SpringApplication.run(DemoApplication.class, args); } } |
Regenerate response