From 53b12042a8afdd16d5a7c9468b5d7436b1883e62 Mon Sep 17 00:00:00 2001
From: Jaehyun Ahn <91878695+uwoobeat@users.noreply.github.com>
Date: Thu, 8 Feb 2024 00:02:23 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=EB=AA=A8=EB=B0=94=EC=9D=BC=20=EA=B0=9C?=
 =?UTF-8?q?=EB=B0=9C=ED=99=98=EA=B2=BD=20=ED=85=8C=EC=8A=A4=ED=8A=B8?=
 =?UTF-8?q?=EB=A5=BC=20=EC=9C=84=ED=95=B4=20CORS=20=EC=A0=95=EC=B1=85?=
 =?UTF-8?q?=EC=97=90=20ngrok=20=EB=8F=84=EB=A9=94=EC=9D=B8=20=EC=B6=94?=
 =?UTF-8?q?=EA=B0=80=20(#292)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: CORS 설정에 ngrok URL 패턴 추가

* fix: CORS 설정에 로컬호스트 https 도메인 추가
---
 .../com/depromeet/global/common/constants/UrlConstants.java    | 3 +++
 .../depromeet/global/config/security/WebSecurityConfig.java    | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/src/main/java/com/depromeet/global/common/constants/UrlConstants.java b/src/main/java/com/depromeet/global/common/constants/UrlConstants.java
index 501277f99..eefb6fb6d 100644
--- a/src/main/java/com/depromeet/global/common/constants/UrlConstants.java
+++ b/src/main/java/com/depromeet/global/common/constants/UrlConstants.java
@@ -13,6 +13,9 @@ public enum UrlConstants {
     PROD_DOMAIN_URL("https://www.10mm.today"),
     DEV_DOMAIN_URL("https://www.dev.10mm.today"),
     LOCAL_DOMAIN_URL("http://localhost:3000"),
+    LOCAL_SECURE_DOMAIN_URL("https://localhost:3000"),
+
+    NGROK_DOMAIN_URL("https://*.ngrok-free.app"),
 
     IMAGE_DOMAIN_URL("https://image.10mm.today"),
     ;
diff --git a/src/main/java/com/depromeet/global/config/security/WebSecurityConfig.java b/src/main/java/com/depromeet/global/config/security/WebSecurityConfig.java
index b149a7118..49aa28b35 100644
--- a/src/main/java/com/depromeet/global/config/security/WebSecurityConfig.java
+++ b/src/main/java/com/depromeet/global/config/security/WebSecurityConfig.java
@@ -126,6 +126,8 @@ public CorsConfigurationSource corsConfigurationSource() {
         if (springEnvironmentUtil.isDevProfile()) {
             configuration.addAllowedOriginPattern(UrlConstants.DEV_DOMAIN_URL.getValue());
             configuration.addAllowedOriginPattern(UrlConstants.LOCAL_DOMAIN_URL.getValue());
+            configuration.addAllowedOriginPattern(UrlConstants.LOCAL_SECURE_DOMAIN_URL.getValue());
+            configuration.addAllowedOriginPattern(UrlConstants.NGROK_DOMAIN_URL.getValue());
         }
 
         configuration.addAllowedHeader("*");