Exclude specific resource page(s) from Cross-Origin-Resource-Policy same-origin header in Spring WebSecurityConfigurerAdapter
We have a Java class that extends Spring’s WebSecurityConfigurerAdapter and sets all of our security headers and such. Leaving only the relevant parts of the code, it’s currently like this: