Closed Rebolon closed 1 year ago
Hm, I actually have that problem not related to 2.0. I got that with 1.5.
Same issue here:
api-platform/core | 2.5.5 |
nelmio/cors-bundle | 1.5.6 or 2.0.1 |
symfony | 4.4.7 |
nelmio_cors:
paths:
'^/':
origin_regex: true
allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
allow_methods: ['GET', 'POST', 'PUT', 'DELETE']
allow_headers: ['Content-Type', 'Authorization']
expose_headers: ['Link']
max_age: 3600
No route found for "OPTIONS /xxxxxxx": Method Not Allowed (Allow: GET, POST)
Nelmio CorsListener does not intercept OPTIONS
requests unless there is a Access-Control-Request-Method
header in it.
This bundle should be marked as unmaintained by owner if this issue is unsolved such long time.
I recommend to anyone use custom Event Listener from artice
https://blog.liplex.de/symfony-cors-listener/
For me it works.
Nelmio CorsListener does not intercept OPTIONS requests unless there is a Access-Control-Request-Method header in it.
Why would it need to react to / accept non-CORS OPTIONS requests? It is not the business of the bundle to deal with those, so they return a 405 it sounds fine by me.
When migrating from nelmio@1.5.6 to nelmio@2.0.x then all HTTP OPTIONS request leads to 405 (Method Not Allowed)
We use Symfony standard controller but also api platform and both are failing.
Symfony 4.3 ApiPlatform 2.4 Nelmio 2.0.1 Apache 2.2
For instance, we rolledback to 1.5.6
[edit] I have the same problem with symfony 5