search

nelmio / NelmioCorsBundle

Adds CORS (Cross-Origin Resource Sharing) headers support in your Symfony application
https://symfony.com/bundles/NelmioCorsBundle/
MIT License
1.89k stars 108 forks source link

Symfony does not stop execution if CORS response is empty #113

Closed spaceemotion closed 1 year ago

spaceemotion commented 5 years ago
Package Version
Symfony 4.1.6
nelmio/cors-bundle: 1.5.4

I just added this package to our project today and am getting normal validation and execution errors from our controller actions unless I specifically send a response after validating a CORS request in the CorsListener class:

protected function getPreflightResponse(Request $request, array $options)
{
    // ...

    $response->setContent('ok'); // <-- added this
    return $response;
}

Not sure if this is a normal symfony issue or something with this package though…

This is the config I am using:

nelmio_cors:
    paths:
        '^/':
            allow_credentials: true
            origin_regex: true
            allow_origin: ['^https?://localhost(:[0-9]+)?$']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
            allow_headers: ['origin', 'accept', 'content-type']