search

strapi / strapi

🚀 Strapi is the leading open-source headless CMS. It’s 100% JavaScript/TypeScript, fully customizable, and developer-first.
https://strapi.io
Other
63.84k stars 8.13k forks source link

Bug using filters operators #12731

Closed juanfh closed 2 years ago

juanfh commented 2 years ago

Bug report

When use an filter operator in the query it fails and throws a cors error:

Describe the bug

If don't use operators all queries works fine in the server but when use any filter operator it gets a cors bug. In localhost all queries work fine (with or without operators).

In the server a query like this https://myapi.com/api/table?filters[name]=thename works fine but https://myapi.com/api/table?filters[name][$eq]=thename gets a cors error:

Access to XMLHttpRequest at 'http://myapi.com/api/...' from origin 'http://myapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This happens when using any filter operator ($eq, $or, $and, $lt, …):

https://myapi.com/api/table?filters[$or][0][date][$eq]=2022-03-01&[$or][1]filters[date][$eq]=2022-04-01
https://myapi.com/api/table?filters[$and][0][quantity][$lte]=2&[$and][1]filters[quantity][$gte]=5
...

System

kasonde commented 2 years ago

Without information about where/how this project is deployed and if you're using a reverse proxy on the server and how you're making requests to the API (postman/client app of some sort), I am unable to reproduce this issue. (You deleted the steps to reproduce section of the issue template)

juanfh commented 2 years ago

What I wanted to know is if someone has used the filters operators on a production server and if it works well or not, because I haven't found any information about this bug.

My application is uploaded to a server with Debian 11 and Phusion Passenger. The problem is simply that, when I use any operator, the api returns a cors error.

This works: https://myapi.com/api/table?filters[name]=thename This not works: https://myapi.com/api/table?filters[name][$eq]=thename

If someone could confirm that they are using operators in production without problems, I could rule out that it is a Strapi bug and try to find out why it happens to me.

derrickmehaffy commented 2 years ago

@juanfh I tested on a deployed application and I can't reproduce, we need more information on methods to reproduce the issue.

Marking as closed until we get more information

jonathanschlitt commented 2 years ago

Hey, i have exactly the same error. All requests are working but only the filter (?populate=*&filters[Slug][$eq]=test) is causing this error.

I hope someone can help.

jonathanschlitt commented 2 years ago

@juanfh I tested on a deployed application and I can't reproduce, we need more information on methods to reproduce the issue.

Marking as closed until we get more information

I think you can open this issue again ;)

derrickmehaffy commented 2 years ago

Hello!

Can you please create a new GitHub issue by using the GitHub issue template, providing all required information.

Your issue looks related to that topic but it's an old one. Using another thread (GitHub issue) will be able to manage your case.

Thank you and have a good day.