search

pact-foundation / pact-mock_service

Provides a mock service for use with Pact
https://pact.io
MIT License
73 stars 69 forks source link

CORS missing pre-flight requests #67

Closed mefellows closed 4 weeks ago

mefellows commented 7 years ago

See https://github.com/pact-foundation/pact-js/issues/58#issuecomment-304843097 for some background.

If you start the mock service as follows:

pact-mock-service --cors true --port 1234

And then cURL it, you can see, the Access-Control-Allow-Origin: * header is coming back, but nothing to do with methods it supports (e.g. Access-Control-Allow-Methods or the other headers) . Further more, a cURL with OPTIONS is returning a 500 which means pre-flight requests won't work.

GET and POST (and HEAD) requests don't require a pre-flight, which probably explains why they have worked to date, however PUT and others do.

Looks like we don't support the OPTIONS pre-flight check, and probably explicitly allow all methods to be used.

bethesque commented 7 years ago

For later: https://github.com/pact-foundation/pact-mock_service/blob/master/lib/pact/consumer/mock_service/cors_origin_header_middleware.rb#L26

bethesque commented 6 years ago

Not sure if there is a change required here or not? The original issue has been closed.

YOU54F commented 4 weeks ago

believe this is complete in

https://github.com/pact-foundation/pact-mock_service/pull/121