3

I have backend Springboot API service which is running behind the Azure Application Gateway. The APIs are getting used in a Single page application. Spring boot APIs are well configured for CORS and working prefectly fine in ideal scenarios.

But getting CORS errror when Beackendend service is not responsive/down. I setup these values in Application gateway to deal with Preflight calls in case java service is not reachable.

Access-Control-Allow-Origin: {http_req_Origin}
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Headers: x-requested-with, authorization, content-type, unique-one-time-token
Access-Control-Max-Age: 1800

After doing these rewrite rules , there is still CORS error Cross-origin resource sharing error: PreflightInvalidstatus

Majid Hajibaba
  • 3,105
  • 6
  • 23
  • 55
ashok Kumar
  • 31
  • 2

1 Answers1

2

See if any of the below can be workaround in your case

  1. Make sure the request URL in your code isn’t missing a trailing slash.

    for example, you may need to add a trailing slash in your code— e.g., http://localhost/api/auth/login/  or remove the slash if present http://localhost/api/auth/login and try.

  2. This may even happen sometimes when you try calling an https service as http, for example when you perform a request on :'http:// localhost/api/auth/login ' which might have to be be 'https:// localhost/api/auth/login

Or

  1. You need to reply to that CORS preflight with the appropriate CORS headers to make this work.

    A CORS-preflight request is a CORS request that checks to see if the CORS protocol is understood. It uses OPTIONS as method and includes these  headers .You might need to reply to that CORS preflight with the appropriate CORS headers.

References:

  1. Fetch Standard (whatwg.org)
  2. CORS#preflighted_requests
  3. CORS
kavyaS
  • 8,026
  • 1
  • 7
  • 19