[Bug] set.headers removes headers set by cors()

[KryptXBSA]

As the title says set.headers removes all the headers set by the @elysiajs/cors plugin.

[SaltyAom]

I assume that you post this on Discord as well, so basically just use

set.headers['AnyHeader'] = 'Value'

instead of

set.headers = { AnyHeader: 'a' }

[FrancoLab]

If you are still strugling, I managed to get this to work following this:

app.onAfterHandle(({ request, set }) => {
	if (!Bun.env.FRONTEND_URL) return false;

	set.headers["Access-Control-Allow-Origin"] = Bun.env.FRONTEND_URL;
	if (request.method === "OPTIONS") {
		set.headers["Access-Control-Allow-Headers"] =
			request.headers.get("Access-Control-Request-Headers") ??
			"Content-Type, Authorization";
		set.headers["Access-Control-Allow-Credentials"] = "true";
		set.headers["Access-Control-Allow-Methods"] =
			"GET, POST, DELETE, PUT, PATCH";
	}
});

app.use(
	cors({
		methods: ["GET", "POST", "DELETE", "PUT", "PATCH", "OPTIONS"],
		origin: Bun.env.FRONTEND_URL,
		credentials: true,
		allowedHeaders: [
			"Content-Type",
			"Authorization",
			"Access-Control-Allow-Headers",
			"Access-Control-Allow-Credentials",
			"Access-Control-Request-Headers",
		],
	})
);