chore: apply cors configuration (#75)

goldentrash · web-flow · commit 3ec1c8b85d76 · 2025-02-27T15:44:42.000+09:00
diff --git a/src/main/java/gdsc/konkuk/platformcore/global/configs/SecurityConfig.java b/src/main/java/gdsc/konkuk/platformcore/global/configs/SecurityConfig.java
@@ -19,6 +19,7 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 @Configuration
 @EnableWebSecurity
@@ -30,6 +31,7 @@ public class SecurityConfig {
     private final CustomAuthenticationFailureHandler customAuthenticationFailureHandler;
     private final CustomOAuthUserService customOAuthUserService;
     private final GoogleOidcConfig googleOidcConfig;
+    private final UrlBasedCorsConfigurationSource corsConfigurationSource;
 
     @Bean
     @Order(2)
@@ -40,6 +42,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
                 response.setStatus(HttpServletResponse.SC_FORBIDDEN);
 
         httpSecurity
+                .cors(cors -> cors.configurationSource(corsConfigurationSource))
                 .csrf(AbstractHttpConfigurer::disable)
                 .sessionManagement(session -> session
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
