Error: The response has no "Link" HTTP header.

[alexisLamothe]

Hello,
It's my first project using Symfony framework and i'am new with api-platform & admin-on-rest.
So for now, i have entities and i build my api with api-platform. Now, i want integrate an admin interface in my project. So i followed the getting starting introduction here https://github.com/api-platform/admin and i replaced entrypoint with my own local api url 'http://localhost:8000/api/v2'.

1st i was that error :
Fetch API cannot load http://localhost:8000/api/v2. Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains the invalid value 'null'. Origin 'http://localhost:3000' is therefore not allowed access. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

So i added the nelmio-cors bundle in my project and i added this in my parameter.yml file :

nelmio_cors:
    defaults:
        allow_credentials: false
        allow_origin: []
        allow_headers: []
        allow_methods: []
        expose_headers: []
        max_age: 0
        hosts: []
        origin_regex: false
        forced_allow_origin_value: ~
    paths:
        '^/api/':
            allow_origin: ['*']
            allow_headers: ['X-Custom-Auth', 'Content-Type', 'Link']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS']
            max_age: 3600
        '^/':
            origin_regex: true
            allow_origin: ['^http://localhost:[0-9]+']
            allow_headers: ['X-Custom-Auth', 'Content-Type', 'Link']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS']
            max_age: 3600
            hosts: ['^api\.']

After, i have that error:

Uncaught (in promise) Error: The response has no "Link" HTTP header.
    at getDocumentationUrlFromHeaders (parseHydraDocumentation.js:71)
    at parseHydraDocumentation.js:92
    at <anonymous>
         getDocumentationUrlFromHeaders @ parseHydraDocumentation.js:71
         (anonymous) @ parseHydraDocumentation.js:92

How can i fix that ?

[dunglas]

Can you post the full HTTP response issued by the server (including headers)?

[alexisLamothe]

Of course :

HTTP/1.1 200 OK
Host: localhost:8000
Date: Thu, 18 May 2017 12:05:36 +0200
Connection: close
X-Powered-By: PHP/7.1.4
Content-Type: application/ld+json; charset=utf-8
Vary: Accept
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Cache-Control: no-cache, private
Link: <http://localhost:8000/api/v2/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
X-Debug-Token: 01afa8
X-Debug-Token-Link: http://localhost:8000/_profiler/01afa8
Date: Thu, 18 May 2017 10:05:36 GMT

Is that rigth ?

[djonser]

Might be a bit late of an answer, but adding the configuration below to nelmio_cors should help you out and anyone else running into this issue.

expose_headers: ["Link"]

[reducio]

A similar problem with solution: api-platform/api-platform#553

[mauchede]

Hello @alexisLamothe,

I tested your nelmio_cors configuration. Three parameters are missing:

• OPTION must be defined in allow_methods.
• Authorization must be defined in allow_headers.
• Link must be defined in expose_headers.

I used the following configuration without issue:

nelmio_cors:
    defaults:
        allow_credentials: false
        allow_origin: []
        allow_headers: ['Content-Type']
        allow_methods: []
        expose_headers: []
        max_age: 0
        hosts: []
        origin_regex: false
        forced_allow_origin_value: ~
    paths:
        '^/api/':
            allow_origin: ['*']
            allow_headers: ['X-Custom-Auth', 'Content-Type', 'Authorization']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTION']
            expose_headers:
                - Link
            max_age: 3600
        '^/':
            origin_regex: true
            allow_origin: ['*']
            allow_headers: ['X-Custom-Auth', 'Content-Type', 'Authorization']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTION']
            expose_headers:
                - Link
            max_age: 3600

Can you check this configuration and close this issue if it is OK for you.

Note: nelmio_cors configuration of api-platform/api-platform seems OK.

[nicolaskern]

Hi,

I have the exact same problem with React / API Platform environment, even though I have set the given nelmio cors configuration.

I can see the header when I look at it in Network tab in Chrome, but no when I log the content of the response after the fetch().

Here are my headers in Chrome :

Access-Control-Allow-Origin: http://0.0.0.0:32800
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: application/ld+json; charset=utf-8
Date: Fri, 15 Jun 2018 13:02:24 GMT
Link: <http://0.0.0.0:32444/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
Server: nginx/1.14.0

Thank you!

[mauchede]

Hello @nicolaskern,

Header Link header seems incorrect. You should have an IP or a hostname instead of 0.0.0.0.

[nicolaskern]

This actually is my correct Docker IP.
There seems to have an issue with my nginx configuration and Nelmio CORS configuration.
When I remove additional headers in nginx, the headers added by Nelmio CORS work fine until I generate a non-200 status.

[7system7]

This problem still persist...

I have the latest version of API Platform and the v7 version of Symfony and PHP 8.2.x

$ composer show |grep api-platform/core
api-platform/core                   v3.2.10 Build a fully-featured hypermedia or GraphQL API in minutes! 

$ php -v
PHP 8.2.14 (cli) (built: Dec 21 2023 14:02:51) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.14, Copyright (c) Zend Technologies
    with Zend OPcache v8.2.14, Copyright (c), by Zend Technologies
    with Xdebug v3.2.2, Copyright (c) 2002-2023, by Derick Rethans

I set up the nelmio config just like in the docs.

    '^/api/':
      origin_regex: true
      allow_origin: [ '%env(CORS_ALLOW_ORIGIN)%' ]
      allow_methods: [ 'GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE' ]
      allow_headers: [ 'Content-Type', 'Authorization' ]
      expose_headers: [ 'Link' ]
      max_age: 3600

And this is an example of an entity's response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-type: application/ld+json; charset=utf-8
date: Thu, 11 Jan 2024 10:08:05 GMT
etag: "344053f314d1e70cd2247b2f24e9ca03"
server: Caddy
vary: Accept
x-content-type-options: nosniff
x-debug-token: e0a9a4
x-debug-token-link: https://example.local/_profiler/e0a9a4
x-frame-options: deny
x-powered-by: PHP/8.2.14
x-robots-tag: noindex

Sadly, I cannot handle the response failures in @api-platform/admin because it says The response has no "Link" HTTP header. 😕

[Tristaury]

I had the same issue but the error message was wrong.
Some entities were ok and others not.
Il was because of entity has to be singular (not ending with s).
When I renamed; it's working well

[7system7]

I had the same issue but the error message was wrong. Some entities were ok and others not. Il was because of entity has to be singular (not ending with s). When I renamed; it's working well

@Tristaury I think it is not a solution. I do not use plurals for entities. Only for properties what has to-many connection.