From f4fd984733860d7e86233e1ae460c51e9a2deb4c Mon Sep 17 00:00:00 2001 From: Sumedh Date: Mon, 30 Sep 2024 14:40:54 +0000 Subject: [PATCH 1/2] allowed origins modified to specific url --- .../com/olympus/hermione/security/config/CorsConfig.java | 8 +++++++- src/main/resources/application.properties | 5 ++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/olympus/hermione/security/config/CorsConfig.java b/src/main/java/com/olympus/hermione/security/config/CorsConfig.java index 1d704b8..7ea22cb 100644 --- a/src/main/java/com/olympus/hermione/security/config/CorsConfig.java +++ b/src/main/java/com/olympus/hermione/security/config/CorsConfig.java @@ -1,15 +1,21 @@ package com.olympus.hermione.security.config; + +import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class CorsConfig implements WebMvcConfigurer { + + @Value("${hermione.fe.url}") + private String hermione_frontend_url; + @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") - .allowedOrigins("*") + .allowedOrigins(hermione_frontend_url) .allowedHeaders("*") .allowedMethods("GET", "POST", "PUT", "DELETE"); } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index ce54ede..0a5a804 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -16,4 +16,7 @@ spring.main.allow-circular-references=true neo4j.uri=neo4j+s://e17e6f08.databases.neo4j.io:7687 neo4j.username=neo4j -neo4j.password=8SrSqQ3q6q9PQNWtN9ozqSQfGce4lfh_n6kKz2JIubQ \ No newline at end of file +neo4j.password=8SrSqQ3q6q9PQNWtN9ozqSQfGce4lfh_n6kKz2JIubQ + + +hermione.fe.url="http://hermione.olympusai.live" \ No newline at end of file From 2bd1fb8c69e3818054295c0636a4bb909dc5c5c7 Mon Sep 17 00:00:00 2001 From: Sumedh Date: Mon, 30 Sep 2024 15:21:34 +0000 Subject: [PATCH 2/2] crossorigin removed --- .../java/com/olympus/hermione/controllers/CanvasController.java | 2 -- .../com/olympus/hermione/controllers/ScenarioController.java | 2 -- .../olympus/hermione/security/controllers/AuthController.java | 2 -- src/main/resources/application.properties | 2 +- 4 files changed, 1 insertion(+), 7 deletions(-) diff --git a/src/main/java/com/olympus/hermione/controllers/CanvasController.java b/src/main/java/com/olympus/hermione/controllers/CanvasController.java index 8defbb1..8d21e8b 100644 --- a/src/main/java/com/olympus/hermione/controllers/CanvasController.java +++ b/src/main/java/com/olympus/hermione/controllers/CanvasController.java @@ -1,7 +1,6 @@ package com.olympus.hermione.controllers; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -12,7 +11,6 @@ import com.olympus.hermione.services.CanvasExecutionService; @RestController -@CrossOrigin public class CanvasController { @Autowired diff --git a/src/main/java/com/olympus/hermione/controllers/ScenarioController.java b/src/main/java/com/olympus/hermione/controllers/ScenarioController.java index 3d90a40..e6a30ae 100644 --- a/src/main/java/com/olympus/hermione/controllers/ScenarioController.java +++ b/src/main/java/com/olympus/hermione/controllers/ScenarioController.java @@ -1,7 +1,6 @@ package com.olympus.hermione.controllers; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; @@ -18,7 +17,6 @@ import com.olympus.hermione.services.ScenarioExecutionService; import org.springframework.web.bind.annotation.RequestBody; @RestController -@CrossOrigin public class ScenarioController { @Autowired diff --git a/src/main/java/com/olympus/hermione/security/controllers/AuthController.java b/src/main/java/com/olympus/hermione/security/controllers/AuthController.java index c1bd6d3..598cb58 100644 --- a/src/main/java/com/olympus/hermione/security/controllers/AuthController.java +++ b/src/main/java/com/olympus/hermione/security/controllers/AuthController.java @@ -7,7 +7,6 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -21,7 +20,6 @@ import com.olympus.hermione.security.entity.User; import com.olympus.hermione.security.utility.JwtTokenProvider; @RestController -@CrossOrigin @RequestMapping("/api/auth") public class AuthController { diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 0a5a804..942a458 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -19,4 +19,4 @@ neo4j.username=neo4j neo4j.password=8SrSqQ3q6q9PQNWtN9ozqSQfGce4lfh_n6kKz2JIubQ -hermione.fe.url="http://hermione.olympusai.live" \ No newline at end of file +hermione.fe.url= \ No newline at end of file