Open edevosc2c opened 1 month ago
Note for later: It would be great to have some kind of CHANGELOG or an announcement when things related to modifying the response are altered in the gateway.
Because I literally spent 6 hours trying to diagnose this bug.
Since https://github.com/georchestra/georchestra-gateway/commit/37ff94b9ebf668f3fbeb99a18baaa75ebb2d5acf, when you do a POST request and this request returns a 403 forbidden error.
You lose all the headers sent by the application and all the headers like X-Frame-Options are not set. Most importantly,
XSRF-TOKEN
is lost and we have a client that do a request like this in the below example.Before commit 37ff94b9ebf668f3fbeb99a18baaa75ebb2d5acf
After commit 37ff94b9ebf668f3fbeb99a18baaa75ebb2d5acf
What should we do? My understanding is that we shouldn't modify the response by the application.