You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/07/30 03:18:03 UTC

[GitHub] [apisix] azura27 opened a new issue #4717: bug:

azura27 opened a new issue #4717:
URL: https://github.com/apache/apisix/issues/4717


   ### Issue description
   
   ### Environment
   
   Bug report without environment information will be ignored or closed.
   
   * apisix version (cmd: `apisix version`):2.0
   * OS (cmd: `uname -a`): centos 7.4
   * OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`): 1.17.8.2
   * etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):3.5
   * apisix-dashboard version, if have:
   * luarocks version, if the issue is about installation (cmd: `luarocks --version`):
   
   ### Minimal test code / Steps to reproduce the issue
   
   Bug report without steps to reproduce will be ignored or closed.
   
   1. set a route with cors open, OPTIONS method support
   2.visit route with OPTIONS method, return response with no allow-control-allow-origin etc. headers
   3.
   
   ### What's the actual result? (including assertion message & call stack if applicable)
   response with no allow-control-allow-origin etc. headers
   ### What's the expected result?
   response with allow-control-allow-origin etc. headers
   
   For split backend and frontend environment OPTIONS method is used frequently, so return in rewrite stage is not suitable


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] spacewander commented on issue #4717: bug:

Posted by GitBox <gi...@apache.org>.

spacewander commented on issue #4717:
URL: https://github.com/apache/apisix/issues/4717#issuecomment-890658452


   @azura27 
   
   
   > 
   > 
   > "cors":{"allow_origins":"_","expose_headers":"_","allow_credential":false,"max_age":5,"allow_headers":"*","allow_methods":"GET,HEAD,PUT,PATCH,POST,OPTIONS"}
   
   `""` is not a valid configuration, which will remove the allow-control-allow-origin header.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] spacewander commented on issue #4717: bug:

Posted by GitBox <gi...@apache.org>.

spacewander commented on issue #4717:
URL: https://github.com/apache/apisix/issues/4717#issuecomment-889604252


   > set a route with cors open, OPTIONS method support
   
   What's your configuration for this route?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] tzssangglass closed issue #4717: bug:

Posted by GitBox <gi...@apache.org>.

tzssangglass closed issue #4717:
URL: https://github.com/apache/apisix/issues/4717


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] tzssangglass commented on issue #4717: bug:

Posted by GitBox <gi...@apache.org>.

tzssangglass commented on issue #4717:
URL: https://github.com/apache/apisix/issues/4717#issuecomment-890465606


   I think it's expected behavior, and take a look at this: https://github.com/apache/apisix/issues/1100
   
   source code for `cors` plugin handling OPTIONS method: https://github.com/apache/apisix/blob/9db2dd2399c3970df1e1b7fa0f8b7dcd92d26b1c/apisix/plugins/cors.lua#L227-L231
   
   The OPTIONS method is a preflight request to check if CORS is supported, so the OPTIONS response header should not require the `allow-control-allow-origin` header.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org