Problem: forms search fails in DativeV1 Chrome (CORS issue)

[jrwdunham]

Problem

Dative v. 1 is failing to perform searches across forms (in some browsers and some versions) because it uses the non-standard SEARCH HTTP method and this violates the CORS rules. See investigation section below.

Acceptance Criteria

• Ensure that Dative v. 2 (DativeRF) uses the POST forms/search endpoint when issuing search requests (not the SEARCH /forms endpoint.)
• Document the nature and details of the problem in this issue.

Investigation

This is the error text from the browser console in Chrome:

Access to XMLHttpRequest at 'https://app.onlinelinguisticdatabase.org/blaold/forms'
from origin 'https://app.dative.ca' has been blocked by CORS policy:
Method SEARCH is not allowed by Access-Control-Allow-Methods in preflight response.

It does not appear that we can fix this in the OLD REST API. The OLD already returns SEARCH in the Access-Control-Allow-Methods list.

Dative v. 1 is using the non-standard HTTP method SEARCH. It should use the POST method for this endpoint that is provided, but it does not. Unfortunately, we can't really fix Dative v. 1 because its CoffeeScript source is too old.

Error in Chrome

Chrome Ignores SEARCH Method in Preflight Response

Firefox Recognizes SEARCH Method in Preflight Response

[jrwdunham]

I am closing this issue. I have investigated and documented it. I do not believe it can be fixed in OLD-Pyramid or Dative v. 1. I have made a note in the relevant issue for Dative v. 2 for how we can sidestep it there.