Points To Remember

Add the comma separated Headers (standard and Custom headers)

CORs Allow Custom Headers in Ajax calls

method : 'POST',
url : 'url',
headers: {'Custom-Header-1':'h1','Custom-Header-2':'h2'},
success: function(data){},
error : function(error){}

public class CorsFilter implements Filter {

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with, Custom-Header-1 , Custom-Header-2, X-Auth-Token");
chain.doFilter(req, res);

public void init(FilterConfig filterConfig) {}

public void destroy() {}


  • Add the above filter in your spring boot application.
  • Add the comma separated headers at line 9 (highlighted)