Fixing the issue quarkusio#33922 about Access-Control-Expose-Headers

Signed-off-by: Rhuan Rocha <rhuan080@gmail.com>
rhuan080 · Jun 9, 2023 · 169b8db · 169b8db
1 parent adcaefc
commit 169b8db
Showing 1 changed file with 10 additions and 9 deletions.
diff --git a/...sions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java b/...sions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java
@@ -176,6 +176,16 @@ public void handle(RoutingContext event) {
             if (allowedMethods != null) {
                 response.headers().add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, allowedMethods);
             }
+
+            //always set expose headers if present
+            if (exposedHeaders != null) {
+                response.headers().add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposedHeaders);
+            }
+
+            if (!isConfiguredWithWildcard(corsConfig.exposedHeaders)) {
+                response.headers().set(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, this.exposedHeaders);
+            }
+
             //we check that the actual request matches the allowed methods and headers
             if (!isMethodAllowed(request.method())) {
                 LOG.debug("Method is not allowed");
@@ -211,15 +221,6 @@ private void handlePreflightRequest(RoutingContext event, String requestedHeader
             processPreFlightRequestedHeaders(response, requestedHeaders);
         }
 
-        //always set expose headers if present
-        if (exposedHeaders != null) {
-            response.headers().add(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposedHeaders);
-        }
-
-        if (!isConfiguredWithWildcard(corsConfig.exposedHeaders)) {
-            response.headers().set(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, this.exposedHeaders);
-        }
-
     }
 
     static boolean isSameOrigin(HttpServerRequest request, String origin) {