CORS Error in Web Editor

doyensec / inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

https://doyensec.com/

Apache License 2.0

1.51k stars 156 forks source link

CORS Error in Web Editor #133

Closed lokiuox closed 8 months ago

lokiuox commented 10 months ago

Describe the bug Responses sent to web editor (GraphiQL, Voyager, etc) should be modified to inject CORS headers. At the moment this is already done on OPTIONS preflight requests, but from testing it looks like it's not enough and needs to be done on POST requests too.

execveat commented 10 months ago

Ah, makes sense. Yeah, we should handle all possible conditions in the same way.

lokiuox commented 8 months ago

Fixed in 3b21d47bdc530d4fe67c95777440d2976bf72221