Handling CORS Preflight Requests in Spring Boot REST API for Specific Routes
I just started working with I've encountered a strange issue with I tried several approaches but none seem to work. I'm working on a Spring Boot REST API (version 2.5.4) and I've run into an scenario with CORS configuration. While I have enabled CORS globally through a `WebMvcConfigurer` implementation, it seems that preflight requests for certain routes are failing. I've set up the following configuration: ```java import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class WebConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/api/**").allowedOrigins("http://localhost:3000") .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS").allowCredentials(true); } } ``` However, when I try to hit a `POST` endpoint from my React frontend, I'm receiving a `CORS` behavior in the browser console, specifically: ``` Access to fetch at 'http://localhost:8080/api/resource' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. ``` I verified that my API is running on `http://localhost:8080` and my frontend on `http://localhost:3000`. I also checked the network tab, and I can see that the preflight `OPTIONS` request is returning a `404 Not Found`. I've confirmed that the path `'/api/resource'` is correct. I attempted to explicitly add OPTIONS to my allowed methods and even created a separate controller method to handle OPTIONS requests but that didn’t resolve the scenario: ```java @RestController @RequestMapping("/api") public class ResourceController { @RequestMapping(value = "/resource", method = RequestMethod.OPTIONS) public ResponseEntity<Void> options() { return ResponseEntity.ok() .allow(HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE, HttpMethod.OPTIONS) .build(); } } ``` Despite these efforts, the OPTIONS request is still returning a 404. I suspect it might be something related to the way Spring handles these routes or perhaps a missing configuration in the security settings. Any insights on how to properly configure CORS in this scenario or debug the preflight request scenario would be greatly appreciated! My development environment is Windows. Am I missing something obvious? Is there a simpler solution I'm overlooking? Could this be a known issue?