Closed edeandrea closed 8 months ago
Hey @edeandrea!
Is this a regression? Did you have it working when using the quay.io/microcks/microcks-uber:1.8.1
or the quay.io/microcks/microcks-uber:1.8.0
images? CORS pref-flight requests are supposed to work but we've made some changes lately... I'll have to dive into them.
Thanks,
To be honest I've been using the nightly image for a while. I can try some previous images if you'd like.
I think it was working at one point but to be honest I'm not sure I ever tried the POST request from the browser, so I can't be 100% sure it ever worked.
Looks like we change the default value for Access-Allow-Credentials
header. See https://github.com/Orange-OpenSource/microcks/commit/36dc55e1230867abec8fb0ec6ae67432e001f89c
Could you please try with putting the following configuration in application.properties
:
quarkus.microcks.devservices.container-env.CORS_REST_ALLOW_CREDENTIALS=true
I'll give it a try tomorrow morning.
Thanks for the quick reply!
We also have this issue/PR that is open and seems to be related to previous changes: https://github.com/microcks/microcks/pull/1061
Hey Eric. This should be solved with https://github.com/microcks/microcks/issues/1082
Can you try a fresher nightly
container image?
Using the new nightly
image the CORS preflight request goes through, but then the subsequent POST fails.
If I use something like Postman to make the POST (no CORS involved), I get what I would expect back.
Weird... Can you see the second request actually hitting the microcks server with some logs?
Nothing in the microcks log when I try to do the POST request in the browser. I'm getting this in the browser:
localhost/:1 Access to XMLHttpRequest at 'http://localhost:58521/rest/Fights+API/1.0/api/fights' from origin 'http://localhost:8080' has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.
Ok. So it may be still related to this last one: https://github.com/microcks/microcks/pull/1085
If you need a good test bed for this the quarkus superheroes is easy to stand up (& is already configured with the microcks nightly
image).
cd ui-super-heroes
./mvnw clean quarkus:dev
Fight
buttonI will not be able to look at it in the coming hours as I'm speaking at a meetup. Will look at it probably tonight.
No worries.
Do you want me to try with
quarkus.microcks.devservices.container-env.CORS_REST_ALLOW_CREDENTIALS=true
?
Can you make another screen with all the request headers?
Using the new
nightly
image the CORS preflight request goes through, but then the subsequent POST fails.If I use something like Postman to make the POST (no CORS involved), I get what I would expect back.
I notice in the preflight request, the Access-Control-Allow-Headers
response header doesn't contain Content-Type
, which is a header present in the POST request.
Preflight request:
POST request:
Hi @edeandrea,
Our latest changes should fix this issue. Can you have another test on a fresh nightly
image and confirm it?
Hi @lbroudoux the latest nightly
image seems to work! Thanks for the quick work!
Great 👍 BTW, have you checked https://github.com/microcks/microcks-testcontainers-java-spring-demo ? I plan to do the same thing for Quarkus. Would you be interested in helping or reviewing?
I'd definitely be interested in helping or reviewing!
Working on it this Friday! I'll let you as soon as I get something that can be used.
Describe the bug
This came from https://github.com/quarkusio/quarkus-super-heroes/issues/687 - whats happening is I have a react app configured to talk to the Microcks dev service. Because its a browser request and my request is a POST, I'm getting a CORS issue because the React app is talking to a different port than where it was originally served from.
You can see its doing the CORS pre-flight request
which is then failing
How do I get around this?
Expected behavior
No response
Actual behavior
No response
How to Reproduce?
No response
Microcks version or git rev
quay.io/microcks/microcks-uber:nightly
Install method (
docker-compose
,helm chart
,operator
,docker-desktop extension
,...)Quarkus dev service
Additional information
No response