Right, I was happily enjoying my day, doing awesome stuff ( not really ), when I got a message that my API was causing CORS issues!
Now, I thought this was weird, considering I had fixed those issues at the beginning. Last time we faced CORS issues, it was because someone was using an incorrect URL ( which of course didn't exist ), so the preflight request got a 404 error, resulting in the blasted CORS error.
Today, I thought it was the same issue. And boy, was I super wrong! After spending the whole day debugging why axios was being a
bitch pain-in-the-somewhere, I totally realized something funny was going on. The URL was correct, meaning something else was going on.
So, what I finally realized was that Spring Security, by default validates
OPTIONS requests, which are sent by Axios in a preflight request. And that's when it hit me, I had forgotten to disable that. 😅
All I had to do, was to go inside my
WebSecurityConfig class, and inside the
configure, put a
http.cors(). Simple, right? Ah well, give me a break!