From 1a564dd4f378d4ed9424c5f16a786dac3ea02ac4 Mon Sep 17 00:00:00 2001
From: Rainnny7 <braydonrainnny@gmail.com>
Date: Thu, 19 Sep 2024 00:28:12 -0400
Subject: [PATCH] okay pls yes pls pls

---
 src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
index 836f534..e6e0527 100644
--- a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
+++ b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
@@ -49,7 +49,8 @@ public class WebSecurityConfig {
             authentication.setAuthenticated(true); // Mark the session as authenticated
             return authentication;
         });
-        return http.csrf(AbstractHttpConfigurer::disable) // Disable CSRF
+        return http.cors(AbstractHttpConfigurer::disable)
+                .csrf(AbstractHttpConfigurer::disable) // Disable CSRF
                 .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // No sessions
                 .formLogin(AbstractHttpConfigurer::disable) // Disable form logins
                 .securityMatcher("/**") // Require auth for all routes