Like Stefan Isele has already mentioned it seems that spring security redirects or doesn't add the CORS header so that's why the request seems to Beryllium broken. So while spring security is checking the authentification it has to add the proper header. Enhance the article with your expertise. Contribute to https://epictetusd951deg9.anchor-blog.com/profile