search

bcgov / DBC-APIM

DataBC OPEN API Services
Apache License 2.0
1 stars 0 forks source link

Update router api spec #74

Open BK01 opened 6 years ago

BK01 commented 6 years ago

Please update OpenAPI spec (3) in your branch for the Route Planner.

mraross has provided details in the link below. https://github.com/bcgov/api-specs/issues/263

banders commented 6 years ago

@BK01 @ll911

I added support for the router API's new POST operations, but it appears that CORS headers aren't enabled for POST.

These are the response headers from the GET request (which does work):

access-control-expose-headers:Origin,apikey,Access-Control-Allow-Origin,Access-Control-Allow-Methods access-control-allow-origin:http://localhost:9090

(The second one exists to allow me to test from my local computer.) Can we support the same headers on POST requests?

ll911 commented 6 years ago

Router cors set with RGEX with only valid gov domain. Router in DLV has whitelist for github.io

From: banders notifications@github.com Reply-To: bcgov/DBC-APIM reply@reply.github.com Date: Monday, December 4, 2017 at 9:36 AM To: bcgov/DBC-APIM DBC-APIM@noreply.github.com Cc: "Lou, Leo JTT:EX" Leo.Lou@gov.bc.ca, Mention mention@noreply.github.com Subject: Re: [bcgov/DBC-APIM] Update router api spec (#74)

@BK01https://github.com/bk01 @ll911https://github.com/ll911

I added support for the router API's new POST operations, but it appears that CORS headers aren't enabled for POST.

These are the response headers from the GET request (which does work):

access-control-expose-headers:Origin,apikey,Access-Control-Allow-Origin,Access-Control-Allow-Methods access-control-allow-origin:http://localhost:9090

(The second one exists to allow me to test from my local computer.) Can we support the same headers on POST requests?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/bcgov/DBC-APIM/issues/74#issuecomment-349040366, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ALZU2Y31MDMi4DJhuVUXmtaTOfv9r47Dks5s9C2pgaJpZM4QxR0i.

banders commented 6 years ago

Ok, although the CORS headers I listed above are included with GET operations even from outside the bc gov domains. In this case it seems strange to have different policies for GET and POST.

BK01 commented 6 years ago

DataBC to verify in cad.data

BK01 commented 6 years ago

@mraross @BK01 The following Route Planner API console is available for UAT

BK01 commented 6 years ago

DataBC UAT still ongoing