CORS not working correctly #3598
Comments
|
@Manu206 hi, thanks for reporting this issue. The past couple of days If possible, could you provide a simple producer so that I check if it is the case? Or otherwise, can you try to build a SNAPSHOT version using the master branch and see if the issue is still present? |
|
I tested again with latest release 0.22 and still there is an issue. Headers are still defined like: Postman headers look like: If I set the headers via Corsfilter like mentioned earlier I get: Seems like Methods and Allow Headers are missing via Quarkus config. |
|
I wonder if it's related to #3312 . @Ladicek did you make progress on this issue? |
|
This was pretty easy to fix (just had to make sure |
|
And yes, #3312 is (was?) most likely the same problem. |
|
This is fixed right, I can't reproduce this |
|
I'm seeing this error on 0.22. I can't upgrade right now, but if you get here through Google, that's what saved my life for a simple demo using this thread as a reference: application.properties: quarkus.http.cors=trueThe custom CORSFilter: @Provider
public class CORSFilter implements ContainerResponseFilter {
private static final Logger LOGGER = LoggerFactory.getLogger(CORSFilter.class);
public CORSFilter() {}
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
LOGGER.debug("Modifing response with CORSFIlter: {}", responseContext.getHeaders());
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.putSingle("Access-Control-Allow-Origin", "*");
LOGGER.debug("Modified to add the required header: {}", responseContext.getHeaders());
}
}Then the The If you guys fixed this in the newer versions, that's great news, because it's a super common use case for front end developers that are keen to implement backend services with Quarkus. |
|
I'm testing CORS using http://www.test-cors.org on Quarkus 0.23.2 and also the latest It seems to work just fine. |
|
@Ladicek cool! I'll try to upgrade after I give my presentation demo and will report the results here. |
|
Hmm I just tested it again with 0.25.0 and for me the cors headers are not showing op on the response headers :( Could somebody verify that? |
|
@Manu206 and you use the new |
|
This is my config: |
|
One thing I'd like to highlight: if the request doesn't have the This is perfectly fine IMHO. (What's worse is that this doesn't necessarily play well with caching proxy servers. My understanding is that we should at least always include |
|
I also include the Origin header. Still no change. There is still something wrong. |
|
@Manu206 any chance you could provide a sample application so that we could see what's not working correctly? |
|
We really need to get to the bottom of this. |
@gsmet I can check it once we have a sample producer app. |
|
Can Stuart's fix help here ? |
|
@sberyozkin No, i still have this problem with Quarkus 0.28.1 my application.properties (copied from your documentation and sligthy modified) : but my response headers are: I will test this a little bit on my system tomorrow. |
|
|
|
@Ladicek Thank you, I corrected it. Now CORS works correctly for me with Quarkus 1.0.0.CR1 (Wow, third release this week, you are ultra fast). Thank you very much for your help. |
|
@alexander-dammeier Well the documentation already says that, in the "Description" column. |
|
Let me close it then :-) |
Describe the bug
I have a simple REST interface that needs to be accessed by a SPA which is failing because of CORS. I checked again and tried to call my interface via POSTMAN and I do not see any cors headers.
However if I implement the JAX-RS filter the cors header is showing up.
Is there a known BUG or could anybody confirm with version 0.21?
UPDATE:
I figured out that if I set the quarkus.http.cors, the headers for the method OPTIONS are correctly set however the actual "POST" call will cause the following error (this does not happen by setting the JAX-RS header which should be not necessary):
The text was updated successfully, but these errors were encountered: