API_LIST and csrf settings

const API_LIST inside API.js set to relative endpoint, instead of absolute
const API_LIST = ‘/todolist’;

 Add csrf.disable inside WebSecurityConfiguration.java line inside configure(…) method
httpSecurity.csrf().disable();

Author: Kuassim

MtdrSpring/backend/src/main/frontend/src/API.js

@@ -13,9 +13,8 @@
  * https://petstore.swagger.io/
  * @author  [email protected]
  */
-// const API_LIST = 'http://localhost:8080/todolist';
 // Copy from the endpoint from the API Gateway Deployment
 // Example: const API_LIST = 'https://di2eyonlz5s7kmuektcddaw5zq.apigateway.<region>.oci.customer-oci.com/todolist';
-const API_LIST = 'https://di2eyonlz5s7kmuektcddaw5zq.apigateway.eu-frankfurt-1.oci.customer-oci.com/todolist';
-
+// const API_LIST = 'https://di2eyonlz5s7kmuektcddaw5zq.apigateway.eu-frankfurt-1.oci.customer-oci.com/todolist';
+const API_LIST = '/todolist';
 export default API_LIST;

MtdrSpring/backend/src/main/java/com/springboot/MyTodoList/security/WebSecurityConfiguration.java

@@ -12,6 +12,7 @@
 public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity.csrf().disable();
         httpSecurity.authorizeRequests().anyRequest().authenticated().and().
                 formLogin().and().logout().permitAll();
     }