Open linvi opened 9 years ago
Interesting! Lots of informations!
Hi phillip,
Any idea what could be going wrong? I don't know Nancy well enough to know how to retrieve ALL the WebRequests received by the server.
Thanks for looking into it. Linvi
I'm still at work so I haven't looked into it yet. Just happy you gave a lot of information. I'll take a closer look this weekend to see if I can reproduce and figure out whats going on.
This stack overflow answer looks like it might be what you need.
Hi,
Thanks for your answer.
I already looked at this post (and tried it). The problem here is that the WebRequest is never handled by Nancy. This code is never invoked and yet Nancy returns a status code of 200 without the additional headers that this solution or mine try to add.
Cheers, Linvi
Hi here,
Any luck with identifying what could be going wrong with this issue?
Cheers, Linvi
My flatmate has my old laptop and I can't buy my new one because apple has no stock. :( so I'm waiting for him to get home so I can steal the laptop for an hour.
Sorry @linvi, I just don't have a laptop at the moment with OSX to test on :(
I am stealing it for the weekend tho because I'll be traveling to Thailand so I'll try reproduce then.
Hi,
No worries, but just to be clarify, I am not reproducing this issue on OSX, I have this issue on Windows 8.1.
Cheers
Ahhh I've confused this with another bug I'm trying to reproduce with Xamarin on OSX.
SORRY!
I'll try and look at this tonight then.
Any luck?
I haven't been able to reproduce it yet. Still trying. I only got to spend an hour on it last night.
BUT I have started investigating.
Hi, Thanks for taking the time to look into it. Do you want me to create a repro project?
It you could that would be great. Sorry I am in Thailand.
Sent by Outlook for Android
On Mon, Jun 8, 2015 at 3:01 AM -0700, "linvi" notifications@github.com wrote:
Hi, Thanks for taking the time to look into it. Do you want me to create a repro project?
— Reply to this email directly or view it on GitHub.
I'm still awating for this!
I guess it's because you didn't handle preflight sent by the browser.
I was able to pass through CORS using the code below in the Configure method:
`
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public virtual void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
// Shows UseCors with CorsPolicyBuilder.
app.UseCors(builder =>
builder.WithOrigins(new[] { "http://localhost:4200" }).AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials()
);
app.UseOwin(a => a.UseNancy(b => b.Bootstrapper = new NancyBootstrap(this.Container)));
}
`
Hello,
First of all thank you so much for this great framework. I really appreciate the fact that the library is divided in multiple modules and that we can handle what the server does. This is way better than Microsoft WebAPI for sure.
Now concerning my problem. I am using Nancy to implement a REST API. This API should allow cross domain requests. Everything is working fine with normal webrequests. But if I add a custom header to my query, Nancy totally ignores the request and I never receive any event informing that a request has been received by Nancy.
Please find more information below concerning my code.
Here is my NancyModule :
The before event is never raised if a custom header is added to the WebRequest.
In my bootstrapper I override the RequestStartup to initialize the CORS headers as followed:
As you can see in the 2 last lines, I add a custom header to be available in cross domain requests. I then use the stateless authenticate as followed:
Ajax WebRequest :
If the line
xhr.setRequestHeader('MY_HEADER', 'my value');
is removed the request is received by Nancy. If a header is added the request is never received. Or at least I never get any event raised.When a header is added this result in the following : "XMLHttpRequest cannot load http://localhost:8081/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access."
Finally here are the headers displayed in Chrome:
You can see that no
Access-Control-Allow-Origin
is present in the response headers.I greatly appreciate your help. Linvi