zmiana reguły firewalla

.gitignore

@@ -2,15 +2,15 @@
 /src/main/frontend/.vscode/
 /src/main/frontend/node_modules/
 /target/
-/src/main/resources/frontend/
+/src/main/resources/static/
 /src/main/resources/application-secrets.properties
 /backend/target/
 /node/
 /frontend/bin/
 /frontend/node/
 /.idea/
 /.jpb/**
-
+pom.xml.versionsBackup
 .idea/**/workspace.xml
 .idea/**/tasks.xml
 .idea/**/usage.statistics.xml

src/main/frontend/src/environments/environment.prod.ts

@@ -1,4 +1,5 @@
 export const environment = {
   production: true,
-  API_URL: 'http://130.61.100.99:8080/'
+  API_URL: 'http://localhost:8080'
+  // API_URL: 'http://130.61.100.99:8080'
 }

src/main/java/pl/janis/komornik/config/MyAuthenticationStrategy.java

@@ -8,7 +8,6 @@
 import org.springframework.security.web.csrf.CsrfTokenRepository;
 import org.springframework.security.web.csrf.CsrfTokenRequestHandler;
 import org.springframework.security.web.csrf.DeferredCsrfToken;
-import pl.janis.komornik.filter.MyCsrfTokenRequestHandler;
 
 public class MyAuthenticationStrategy implements
         SessionAuthenticationStrategy {

src/main/java/pl/janis/komornik/filter/MyCsrfTokenRequestHandler.java → src/main/java/pl/janis/komornik/config/MyCsrfTokenRequestHandler.java

@@ -1,4 +1,4 @@
-package pl.janis.komornik.filter;
+package pl.janis.komornik.config;
 
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;

src/main/java/pl/janis/komornik/config/SecurityConfig.java

@@ -11,6 +11,7 @@
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@@ -19,10 +20,10 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.security.web.csrf.CsrfTokenRepository;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.security.web.header.writers.XXssProtectionHeaderWriter;
 import org.springframework.web.cors.CorsConfiguration;
 import pl.janis.komornik.filter.CsrfCookieFilter;
-import pl.janis.komornik.filter.MyCsrfTokenRequestHandler;
 import pl.janis.komornik.service.UserService;
 
 import java.util.Collections;
@@ -64,7 +65,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                     auth.requestMatchers("/csrf").permitAll();
                     auth.requestMatchers(
                                     HttpMethod.GET,
-                                    "/index*", "/static/**", "/*.js", "/*.css", "/*.json", "/*.ico")
+                                    "/index*", "/assets/**", "/*.js", "/*.css", "/*.json", "/*.ico")
                             .permitAll();
                     auth.requestMatchers(HttpMethod.OPTIONS).permitAll();
                     auth.anyRequest().authenticated();
@@ -102,4 +103,11 @@ public PasswordEncoder passwordEncoder() {
     public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
         return authConfig.getAuthenticationManager();
     }
+
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer() {
+        StrictHttpFirewall firewall = new StrictHttpFirewall();
+        firewall.setAllowBackSlash(true);
+        return (web) -> web.httpFirewall(firewall);
+    }
 }