-
-
Notifications
You must be signed in to change notification settings - Fork 335
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cors middleware does not send Allow Origin Headers in OPTIONS request #538
Comments
Hi! Indeed, Crow currently doesn't run middleware for OPTIONS/HEAD requests. Briefly, middleware runs for handlers. If there is no handler, then no middleware is run |
@The-EDev: What do you think? What would be the best way of handling OPTIONS without breaking backwards compatibility. Maybe we can run local & global middleware if it has some option like In any case, running marked global middleware would be simple enough to be quickly implemented and solve this issue. Currently Crow just builds the options response manually by allowing all |
@dranikpg @The-EDev are there any updates about this? This seems to be quite an important change. If there is any REST API written using Crow that only needs to accept requests from a certain origin, then it will not work since the browsers will never receive those headers in the response. |
I'm facing the same issue with a code: `` std::map<std::string, std::string> users; int main() {
} |
I managed to do a HACK to get this working. Observations:
Changes inside Crow: crow_hack.patch
This needs to be done for all route URLs probably. Can get a bit redundant, but seems to be working. |
…d API Refer to CrowCpp/Crow#538 (comment) for more details about the hack.
Any progress on this issue now? |
Just tried the patch from @kiner-shah and can confirm it's working great! Luckily, I only need this functionality for development, but it would feel super bad to need this for a production build... |
probably a duplicate of #764 764 |
Introduced with revision b986d1e
Test program:
then compiling with
and executing a curl command
I receive these outputs:
As visible, the Allow-Origin-Headers are not sent in the OPTIONS request. The bug still exists in current master.
The text was updated successfully, but these errors were encountered: