trowski
commented
4 months ago OPTIONS is a different HTTP verb, and as such a route should be provided to handle it. You would not want a handler expecting another verb to receive an OPTIONS request.
// $router is an instance of Amp\Http\Server\Router
$router->addRoute('OPTIONS', '/', new ClosureRequestHandler(
fn () => new Response(HttpStatus::OK, ['Access-Control-Allow-Origin' => '*']),
));
I am creating a small API with Amphp Server in a subdomain and the interface is in the main domain, the classic usage is:
frontend https://app.com
API https://api.app.com
The browser is sending a preflight request, GET + preflight, with the OPTIONS method, so the server responds NOT ALLOWED METHOD and the browser returns a CORS error.
I could send the pull request but before sending it I'm researching the best way to do it. Please, check the following PR #13 for a better context.
The idea in this code is handle CORS preflight request using a global middleware, so the question is: ¿Is it the best way? ¿could I send a pull request with an improved code but with same idea?. Thanks.