The gateway can be configured to control CORS behavior. The "global" CORS configuration is a map of URL patterns to Spring Framework
spring: cloud: gateway: globalcors: corsConfigurations: '[/**]': allowedOrigins: "https://docs.spring.io" allowedMethods: - GET
In the example above, CORS requests will be allowed from requests that originate from docs.spring.io for all GET requested paths.
To provide the same CORS configuration to requests that are not handled by some gateway route predicate, set the property
spring.cloud.gateway.globalcors.add-to-simple-url-handler-mapping equal to true. This is useful when trying to support CORS preflight requests and your route predicate doesn’t evalute to true because the http method is