From 1930389734804621c4eabcb58a1caceae17e5bca Mon Sep 17 00:00:00 2001
From: GordeaS <4517853+gsergiu@users.noreply.github.com>
Date: Thu, 28 Nov 2024 22:26:38 +0100
Subject: [PATCH] cors configs for remove items #EA-3958

---
 .../java/eu/europeana/set/web/config/WebMvcConfig.java   | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java b/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java
index 2c7f677b..105688b6 100644
--- a/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java
+++ b/set-web/src/main/java/eu/europeana/set/web/config/WebMvcConfig.java
@@ -72,13 +72,20 @@ public void addCorsMappings(CorsRegistry registry) {
         .allowCredentials(false).maxAge(600L); // in seconds
 
 
+     // insert/remove multiple items
+    registry.addMapping("/set/*/items").allowedOrigins("*").allowedMethods("PUT", "DELETE")
+        .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
+            HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, HttpHeaders.ETAG,
+            HttpHeaders.VARY, HttpHeaders.PREFERENCE_APPLIED)
+        .allowCredentials(false).maxAge(600L); // in seconds
+    
     // publish/unpublish
     registry.addMapping("/set/*/*").allowedOrigins("*").allowedMethods("PUT")
         .exposedHeaders(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
             HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, HttpHeaders.ALLOW, HttpHeaders.ETAG,
             HttpHeaders.VARY, HttpHeaders.PREFERENCE_APPLIED)
         .allowCredentials(false).maxAge(600L); // in seconds
-
+    
     // add,remove,exists item in set
     registry.addMapping("/set/*/*/*").allowedOrigins("*")
         .allowedMethods("GET", "HEAD", "PUT", "DELETE")