search

PygmalionAI / aphrodite-engine

PygmalionAI's large-scale inference engine
https://pygmalion.chat
GNU Affero General Public License v3.0
606 stars 78 forks source link

[Bug]: Unable to use OpenAI API with an auth key via a web browser due to OPTIONS preflight request returning 401. #434

Closed LostRuins closed 5 days ago

LostRuins commented 3 weeks ago

Your current environment

Kobold Lite in Web Browser

🐛 Describe the bug

Issue: Aphrodite requires OPTIONS preflight requests to also have Bearer Authorization to work. If it does not have a bearer token, the OPTIONS request will fail with a 401 (and thus terminating the linked GET request as well).

This is against spec, the OPTIONS requests sent by browsers do not (and cannot) include Authorization headers.

https://stackoverflow.com/questions/59681742/options-request-gets-a-401-unauthorized-response

Rather, the OPTIONS should return the necessary CORS allowed 200 responses regardless of key, then the authorization can be applied for the GET request instead.

AlpinDale commented 3 weeks ago

Fixed in #439

Will close this issue once the release candidate branch is merged. Thanks for reporting!