diff --git a/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java b/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java index 6c0591d6d2..a8cbd3b206 100644 --- a/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java +++ b/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2021 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -475,7 +475,6 @@ public class CorsConfiguration { * @return the combined {@code CorsConfiguration}, or {@code this} * configuration if the supplied configuration is {@code null} */ - @Nullable public CorsConfiguration combine(@Nullable CorsConfiguration other) { if (other == null) { return this; diff --git a/spring-webflux/src/main/java/org/springframework/web/reactive/config/CorsRegistration.java b/spring-webflux/src/main/java/org/springframework/web/reactive/config/CorsRegistration.java index f0fa2a0967..327c83ff81 100644 --- a/spring-webflux/src/main/java/org/springframework/web/reactive/config/CorsRegistration.java +++ b/spring-webflux/src/main/java/org/springframework/web/reactive/config/CorsRegistration.java @@ -35,7 +35,7 @@ public class CorsRegistration { private final String pathPattern; - private final CorsConfiguration config; + private CorsConfiguration config; public CorsRegistration(String pathPattern) { @@ -149,7 +149,7 @@ public class CorsRegistration { * @since 5.3 */ public CorsRegistration combine(CorsConfiguration other) { - this.config.combine(other); + this.config = this.config.combine(other); return this; } diff --git a/spring-webflux/src/test/java/org/springframework/web/reactive/config/CorsRegistryTests.java b/spring-webflux/src/test/java/org/springframework/web/reactive/config/CorsRegistryTests.java index b4dc68898f..a3f632a5e6 100644 --- a/spring-webflux/src/test/java/org/springframework/web/reactive/config/CorsRegistryTests.java +++ b/spring-webflux/src/test/java/org/springframework/web/reactive/config/CorsRegistryTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2021 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,4 +73,24 @@ public class CorsRegistryTests { .containsExactly("*"); } + @Test + void combine() { + CorsConfiguration otherConfig = new CorsConfiguration(); + otherConfig.addAllowedOrigin("http://localhost:3000"); + otherConfig.addAllowedMethod("*"); + otherConfig.applyPermitDefaultValues(); + + this.registry.addMapping("/api/**").combine(otherConfig); + + Map configs = this.registry.getCorsConfigurations(); + assertThat(configs.size()).isEqualTo(1); + CorsConfiguration config = configs.get("/api/**"); + assertThat(config.getAllowedOrigins()).isEqualTo(Collections.singletonList("http://localhost:3000")); + assertThat(config.getAllowedMethods()).isEqualTo(Collections.singletonList("*")); + assertThat(config.getAllowedHeaders()).isEqualTo(Collections.singletonList("*")); + assertThat(config.getExposedHeaders()).isEmpty(); + assertThat(config.getAllowCredentials()).isNull(); + assertThat(config.getMaxAge()).isEqualTo(Long.valueOf(1800)); + } + } diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/config/annotation/CorsRegistration.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/config/annotation/CorsRegistration.java index f44f79e2ef..523f5dcc0c 100644 --- a/spring-webmvc/src/main/java/org/springframework/web/servlet/config/annotation/CorsRegistration.java +++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/config/annotation/CorsRegistration.java @@ -36,7 +36,7 @@ public class CorsRegistration { private final String pathPattern; - private final CorsConfiguration config; + private CorsConfiguration config; public CorsRegistration(String pathPattern) { @@ -150,7 +150,7 @@ public class CorsRegistration { * @since 5.3 */ public CorsRegistration combine(CorsConfiguration other) { - this.config.combine(other); + this.config = this.config.combine(other); return this; } diff --git a/spring-webmvc/src/test/java/org/springframework/web/servlet/config/annotation/CorsRegistryTests.java b/spring-webmvc/src/test/java/org/springframework/web/servlet/config/annotation/CorsRegistryTests.java index f442b2b955..105496ec02 100644 --- a/spring-webmvc/src/test/java/org/springframework/web/servlet/config/annotation/CorsRegistryTests.java +++ b/spring-webmvc/src/test/java/org/springframework/web/servlet/config/annotation/CorsRegistryTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2021 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -77,4 +77,24 @@ public class CorsRegistryTests { .as("Globally origins=\"*\" and allowCredentials=true should be possible") .containsExactly("*"); } + + @Test + void combine() { + CorsConfiguration otherConfig = new CorsConfiguration(); + otherConfig.addAllowedOrigin("http://localhost:3000"); + otherConfig.addAllowedMethod("*"); + otherConfig.applyPermitDefaultValues(); + + this.registry.addMapping("/api/**").combine(otherConfig); + + Map configs = this.registry.getCorsConfigurations(); + assertThat(configs.size()).isEqualTo(1); + CorsConfiguration config = configs.get("/api/**"); + assertThat(config.getAllowedOrigins()).isEqualTo(Collections.singletonList("http://localhost:3000")); + assertThat(config.getAllowedMethods()).isEqualTo(Collections.singletonList("*")); + assertThat(config.getAllowedHeaders()).isEqualTo(Collections.singletonList("*")); + assertThat(config.getExposedHeaders()).isEmpty(); + assertThat(config.getAllowCredentials()).isNull(); + assertThat(config.getMaxAge()).isEqualTo(Long.valueOf(1800)); + } }