Open Rawk opened 4 years ago
Agree with that, actually posted a question on stack overflow on what should be the status code: https://stackoverflow.com/questions/64352697/should-a-server-implementing-cors-always-reply-with-a-2xx-code
Fwiw, if you use a custom error handler, simply decorating it with @cross_origin()
will make the OPTIONS
preflight requests succeed with 200 and the actual request will fail with the response from your error handler, which can then be parsed by clients as usual.
That's how I implemented it in my backend after struggling with not receiving the correct error responses in javascript.
I think it would be awesome to test and document the approach described by @nioncode
I want to show users of my webapp a "Resource not found" message when the requested path is not found (404) on the backend API.
To do that, the CORS preflight have to succeed (200 OK), so that the real request can give the 404 response.
Client use-case example:
CORS preflight succeeding for unknown path would give: