fix(graphql): Fixes multiValueHeader handling (and CORS) in graphql handler #5970
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for redwoodjs-docs canceled.
|
dthyresson
requested changes
Jul 18, 2022
7 tasks
dthyresson
approved these changes
Jul 19, 2022
jtoar
approved these changes
Jul 19, 2022
Blood, sweat and tears.... Half the effort was figuring out how to debug it! patch package comes in handy in these situations |
dac09
added a commit
to dac09/redwood
that referenced
this pull request
Jul 22, 2022
…o feat/ts-strictmode-gen * 'feat/ts-strictmode-gen' of github.com:dac09/redwood: (94 commits) fix(deps): update dependency @graphql-codegen/cli to v2.9.1 (redwoodjs#6013) Little grammar change (redwoodjs#6006) chore: connect repo to nx cloud to speed up builds (redwoodjs#5988) fix(deps): update dependency @testing-library/user-event to v14.3.0 (redwoodjs#6004) fix(deps): update graphqlcodegenerator monorepo (redwoodjs#6005) chore(deps): update dependency @auth0/auth0-spa-js to v1.22.2 (redwoodjs#6003) fix(graphql): Fixes multiValueHeader handling (and CORS) in graphql handler (redwoodjs#5970) chore(deps): update dependency @nhost/hasura-auth-js to v1.4.0 (redwoodjs#6001) chore(deps): update dependency @nhost/nhost-js to v1.4.7 (redwoodjs#5999) fix(deps): update dependency cross-undici-fetch to v0.4.14 (redwoodjs#6000) chore(deps): update dependency @azure/msal-browser to v2.28.0 (redwoodjs#5994) fix(deps): update dependency concurrently to v7.3.0 (redwoodjs#5995) chore(deps): update dependency @simplewebauthn/browser to v5.3.0 (redwoodjs#5989) chore(deps): update dependency @simplewebauthn/server to v5.3.0 (redwoodjs#5990) chore(deps): update dependency @simplewebauthn/typescript-types to v5.3.0 (redwoodjs#5991) fix(deps): update dependency @testing-library/user-event to v14.2.6 (redwoodjs#5992) fix(deps): update typescript-eslint monorepo to v5.30.7 (redwoodjs#5993) chore: clean up mock auth client (redwoodjs#5911) Adds Webauthn support (TouchID, FaceID) to dbAuth (redwoodjs#5680) chore(deps): update dependency octokit to v2.0.4 (redwoodjs#5986) ...
jtoar
pushed a commit
that referenced
this pull request
Jul 25, 2022
…andler (#5970) * Add some notes * fix(headers): Handle when multiValueHeaders are present, and also when they are not * Update comments Co-authored-by: David Thyresson <dthyresson@gmail.com>
jtoar
pushed a commit
that referenced
this pull request
Jul 28, 2022
…andler (#5970) * Add some notes * fix(headers): Handle when multiValueHeaders are present, and also when they are not * Update comments Co-authored-by: David Thyresson <dthyresson@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #5933
What does this do?
It fixes two different cases where we weren't returning CORS headers.
1. Netlify
Netlify supports
multiValueHeaders- but still always returnedAccess-Control-Allow-Origin: null. That's because in the way we had the logic, the headers in the request (yes, the request) were merged (headers + multiValueHeaders). So if you supply two origins to Yoga, it gets confused and returns null.This PR makes sure that we only use MVH .... OR ... Headers - not both in the construction of the request, before we pass it to yoga.
2.Vercel
Vercel does not support
multiValueHeaders. So in this case, no CORS headers were returned at all. This PR changes it so that we return the headers for the response both as MVH and as regular headers.