You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Currently CORS is supported by automatically answering with a list of predefined headers to every OPTIONS request. However, this still forces me to add a header Access-Control-Allow-Origin: * to each of my routes. I find it rather tedious and cumbersome.
Describe the solution you'd like
I would suggest that CORS headers are automatically added (of course, only if the checkbox for CORS is ticked in environment settings) to each response - unless I have defined those headers in my route.
Describe alternatives you've considered
An alternative solution would be to add ability to define (in the environment settings) a list of headers that should be used as default for each route - unless the route overrides some or all of them. Even more useful would be to have a list ot checkboxes for each of these default headers so that to specify the HTTP verb this particular default header should be used on (GET, POST, PUT, etc. - plus an ALL_VERBS checkbox at the end). For example I would like all my routes to have Content-Type: application/json by default.
The text was updated successfully, but these errors were encountered:
If it's ok for you, I won't change anything to the current CORS option that send Access-Control-Allow-Origin, Access-Control-Allow-Methods and Access-Control-Allow-Headers headers with status 200 on OPTIONS requests (not the user defined OPTIONS routes). I will also add environment headers that will be applied to all routes. And I think that checking CORS option should automatically add those 3 headers to the environment headers.
What do you think?
if there is a route defined which matches both the path and the method - then combine the headers defined for the method (each route may use 1 or more HTTP methods) plus the headers defined for the path (a.k.a the route) plus the globally defined headers (the latter automatically include CORS headers if the tick is checked - but may also include other user-defined headers); note that each more specific header overrides its less specific parent
if there is a match for the path but not for the method and if the method is OPTIONS and the CORS tick is checked - return the global headers (auto-extended with CORS headers)
if there is a match for the path but not for the method and it is not OPTIONS (or it is - but the CORS tick is not checked) - return error 405
if there is no match for the path but a valid proxy is specified - then send the request through the proxy
Is your feature request related to a problem? Please describe.
Currently CORS is supported by automatically answering with a list of predefined headers to every OPTIONS request. However, this still forces me to add a header
Access-Control-Allow-Origin: *
to each of my routes. I find it rather tedious and cumbersome.Describe the solution you'd like
I would suggest that CORS headers are automatically added (of course, only if the checkbox for CORS is ticked in environment settings) to each response - unless I have defined those headers in my route.
Describe alternatives you've considered
An alternative solution would be to add ability to define (in the environment settings) a list of headers that should be used as default for each route - unless the route overrides some or all of them. Even more useful would be to have a list ot checkboxes for each of these default headers so that to specify the HTTP verb this particular default header should be used on (GET, POST, PUT, etc. - plus an ALL_VERBS checkbox at the end). For example I would like all my routes to have
Content-Type: application/json
by default.The text was updated successfully, but these errors were encountered: