Describe the bug 500 does not return cross-domain related header information
To Reproduce 1.
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.antMatchers("/**").permitAll()
.anyRequest().authenticated()
}
2.
@Bean
CorsConfigurationSource corsConfigurationSource() {
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
return source;
}
-
Request an interface where an exception occurs
-
Missing cross-domain http header status code 500:
Expected behavior
status code 404:
Comment From: jzheaux
Thanks for the report, @An0nymous0. I think the situation would be clearer if you could supply a minimal sample. Are you able to do that?
Comment From: An0nymous0
It seems impossible to reproduce after the update