Closed KenoKokoro closed 6 years ago
Hello @KenoKokoro. Can you please provide curl (Postman can provide it) for your OPTIONS request, if the issue is still valid.
Hello @vgarvardt
curl -X OPTIONS \
http://gate.local/catalog/stores \
-H 'Accept: application/json' \
-H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hdXRoLmpvY2FsaW8ubG9jYWxcL2FwaVwvdjFcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNTMzNTY0OTk1LCJleHAiOjE1MzM3ODA5OTUsIm5iZiI6MTUzMzU2NDk5NSwianRpIjoiYjVIVXZLNnI3STlrczVjZyIsInN1YiI6MSwicHJ2IjoiMjNiZDVjODk0OWY2MDBhZGIzOWU3MDFjNDAwODcyZGI3YTU5NzZmNyJ9.yWZldR8D2zWaOvWKmByNvowEikgHbKHvpMmbneAfrM0' \
-H 'Cache-Control: no-cache' \
-H 'Content-Type: application/json' \
-H 'Origin: http://dashboard.local' \
-H 'Postman-Token: ddf18513-4549-4f66-8e99-3096b82a13b4' \
-d '{
"difficulty": ""
}'
I still have the issue, if the method is GET, I can see the cors response headers, but not for OPTIONS method.
Thanks
@KenoKokoro I have been working on this issue non-stop for a week now. I seem to have figured out many of the problems. Do you want to work together and try to troubleshoot what is happening?
@locker1776 I would gladly help, but I have 0 knowledge of Go Lang, I am not sure if I am qualified enough to help you or provide a PR.
@KenoKokoro you're missing CORS-required Access-Control-Request-Method
header in your request: -H 'Access-Control-Request-Method: POST'
for POST method in curl.
@vgarvardt Yes. All good now. Thanks a lot!
I am not sure if I have bad configuration or it is actually something wrong here, but I don't receive the
CORS
headers on theOPTIONS
method. Since my client is web client, when I requestPOST
method on the login route with application/json content type I can't actually hit thePOST
method, since theOPTIONS
preflight request doesn't contains the required headers to continue with the request and I getResponse to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
in console.Reproduction Steps:
localhost:8081/apis/auth.json
:localhost:8080/oauth/auth/login
route from postman withPOST
request I get the response expected from the auth service with the expectedCORS
headers (since I changed the origin in the request headers)OPTIONS
method ( just like from browser ), those headers aren't present and also I noticed it proxies the request to the application, which I don't really need it, myCORS
headers will be set on the gateway. And if I remove theOPTIONS
from theproxy.methods
i get405 Method not allowed
response. This are the headers from theOPTIONS
request tolocalhost:8080/oauth/auth/login
:What I first tried was to setup a oauth server for janus, but I also got the same response there, and that's why I tested it like a regular proxy endpoint, not as a oauth server.
Shouldn't it hit the
OPTIONS
method and return theCORS
response from the gateway? Have I done something wrong with the configuration?Janus version: I don't know exactly I am using the docker image using docker-compose:
OS and version: