From 4b2afce8d2e0015d8c7568ce17b311c66fa78024 Mon Sep 17 00:00:00 2001
From: vimal-tech-starter <varnam2311@gmail.com>
Date: Tue, 14 Apr 2026 08:40:08 +0530
Subject: [PATCH] Entire CorsConfig.java file with this commented-out version:

Handled via nginx

Signed-off-by: vimal-tech-starter <varnam2311@gmail.com>
---
 .../contactapi/config/CorsConfig.java         | 52 +++++++++++--------
 1 file changed, 30 insertions(+), 22 deletions(-)

diff --git a/src/main/java/com/vimaltech/contactapi/config/CorsConfig.java b/src/main/java/com/vimaltech/contactapi/config/CorsConfig.java
index 92fb1ec..c01f528 100644
--- a/src/main/java/com/vimaltech/contactapi/config/CorsConfig.java
+++ b/src/main/java/com/vimaltech/contactapi/config/CorsConfig.java
@@ -1,26 +1,34 @@
 package com.vimaltech.contactapi.config;
 
-import org.jspecify.annotations.NonNull;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+// import org.jspecify.annotations.NonNull;
+// import org.springframework.context.annotation.Bean;
+// import org.springframework.context.annotation.Configuration;
+// import org.springframework.web.servlet.config.annotation.CorsRegistry;
+// import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
-@Configuration
-public class CorsConfig {
+/*
+ * =========================================================================
+ * DISABLED: CORS is now handled globally at the Nginx reverse-proxy level.
+ * =========================================================================
+ * If we leave this enabled, Spring Boot and Nginx will BOTH inject
+ * Access-Control-Allow-Origin headers, causing a browser security failure.
+ */
 
-    @Bean
-    public WebMvcConfigurer corsConfigurer() {
-        return new WebMvcConfigurer() {
-            @Override
-            public void addCorsMappings(@NonNull CorsRegistry registry) {
-                registry.addMapping("/**")
-                        .allowedOrigins(
-                                "http://localhost:3000",
-                                "https://vimaltech.dev")
-                        .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
-                        .allowedHeaders("*");
-            }
-        };
-    }
-}
\ No newline at end of file
+// @Configuration
+// public class CorsConfig {
+//
+//     @Bean
+//     public WebMvcConfigurer corsConfigurer() {
+//         return new WebMvcConfigurer() {
+//             @Override
+//             public void addCorsMappings(@NonNull CorsRegistry registry) {
+//                 registry.addMapping("/**")
+//                         .allowedOrigins(
+//                                 "http://localhost:3000",
+//                                 "https://vimaltech.dev")
+//                         .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+//                         .allowedHeaders("*");
+//             }
+//         };
+//     }
+// }
\ No newline at end of file