Closed patientplatypus closed 5 years ago
evancz
commented
5 years ago I would not feel comfortable writing docs about this topic generally. It could be quite long, and I think it is best for the docs to stay primarily about the specific APIs. If you have a specific situation you ran into, that may help reveal how it can be added to the docs in a way that flows nicely.
dillonkearns
commented
5 years ago @evancz I'm not sure if this is the best place for this discussion, but some users of dillonkearns/elm-graphql have been reporting that they are now getting CORS errors unless they use the risky version of the Graphql.Http helpers to send their requests. I'm not exactly sure what to tell them because I don't know the reasoning behind the change in the elm/http package.
I agree that this package is not the right place to document how CORS works, it's best to leave that to other sources. But it would be helpful to have some documentation that describes how the CORS policy has changed between elm/http@1.0.0 and elm/http@2.0.0 and some of the rationale for the change. And perhaps it's worth making it clear what users should expect when they upgrade, or making a note that they should confirm that certain requests still work as expected.
Let me know if there are other details or examples that I could provide that could help out here!
evancz
commented
5 years ago @dillonkearns, the only change is that withCredentials is no longer a directly available as a boolean value. Instead you make a request where it is false or a riskyRequest where it is true. So it should be the same as before. You just set it in a different way that makes it more notable.
If people can make examples of code they wrote and problems they ran into, please make an issue that documents it. Ideally something that can be reproduced. If it seems tricky, I can add docs. Otherwise, there is not enough information here to know exactly what people are asking.
dillonkearns
commented
5 years ago @evancz thanks for the reply. I apologize for the confusion there, I actually had a bug where I had flipped the logic for whether to use risky or not. It was just reported and fixed a few days ago. I forgot to update the thread here, sorry about that!
I agree that the current docs are sufficient (they provide a link to the withCredentials docs) and shouldn't be extended to include any more detail on CORS, that's beyond the scope of the Elm Http docs. Thanks!
There's no examples on how to fix CORS issues or examples of headers generally. The docs have one example and then point to a few different sources with more examples, but the only place that has a complete API listing is the previous (deprecated) elm-http package. It would be nice if there were a full API listing for this package. As a new entrant to the language I have little idea on what syntax to use - a missing comma or semicolon can mean the difference between the package working or not of course.