From 1a564dd4f378d4ed9424c5f16a786dac3ea02ac4 Mon Sep 17 00:00:00 2001 From: Rainnny7 Date: Thu, 19 Sep 2024 00:28:12 -0400 Subject: [PATCH] okay pls yes pls pls --- src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java index 836f534..e6e0527 100644 --- a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java +++ b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java @@ -49,7 +49,8 @@ public class WebSecurityConfig { authentication.setAuthenticated(true); // Mark the session as authenticated return authentication; }); - return http.csrf(AbstractHttpConfigurer::disable) // Disable CSRF + return http.cors(AbstractHttpConfigurer::disable) + .csrf(AbstractHttpConfigurer::disable) // Disable CSRF .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // No sessions .formLogin(AbstractHttpConfigurer::disable) // Disable form logins .securityMatcher("/**") // Require auth for all routes