-
-
Notifications
You must be signed in to change notification settings - Fork 566
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CorsPlugin reflectClientOrigin
doesn't work in Before handlers
#2246
Comments
reflectClientOrigin
doesn't work in Before handlers
Could you have a look here @Playacem ? |
The following tests works without issues, can you maybe share your code or a minimal reproduction setup for this issue?
Edit: The registerPlugin version also works as expected. Do note that I am registering all handlers before starting Javalin. That might be something that you do not do. |
Hi @Playacem , with your example it works for me too.
Response without header:
Please not that we chain configuration with |
Okay, I found the reason why this happens. Basically we register the cors routes later than the user defined before handler.
|
Hi, @Playacem looks like |
You can use both approaches and have the beforeMatched handler using the mount api. The api builder is more for those typical rest apis, leaving the rest to the mount api and the direct stuff on the Javalin instance. |
Yes, this is a workable option, but I'm afraid it doesn't work very well for us. For example:
It would be nice to have |
Hi @YaroslavYakymenko, sorry for my late reply. The following testcase works for me:
Hope this helps. |
I've just checked and this approach works as expected. Thank you |
Actual behavior (the bug)
Hi, I use the
CorsPlugin
with the following configuration:It works fine for the
Endpoint handlers
likeget
,post
, etc. However, it doesn't work inBefore handlers
.The
Access-Control-Allow-Origin
header is not being set in the response.Expected behavior
The
Access-Control-Allow-Origin
header is present in theBefore handlers
response.To Reproduce
Implement a
Before
handler that will throw any exception, for example,BadRequestResponse
.Send the API request with the
Origin
header. The response will not include theAccess-Control-Allow-Origin
header.Additional context
The issue causes problems with handling errors in the UI application because of missing
Access-Control-Allow-Origin
response headerThe text was updated successfully, but these errors were encountered: