Node-restify: Settings CORS origin and credentials not taking effect

Created on 8 Jul 2016  Â·  9Comments  Â·  Source: restify/node-restify

Settings CORS origin and credentials not taking effect.

rest.use(restify.CORS({
    origins: ['https://mydomain.com'],
    credentials: true,
    headers: [
        'Accept'
    ]
}));

Yet hitting with curl:

curl -i http://127.0.0.1:9090 -X POST
HTTP/1.1 200 OK
Connection: close
Server: Node.js v6.3.0
MyApp-Version: 1.0.0
Access-Control-Max-Age: 300
Cache-Control: no-cache, no-store
Request-Id: 0500eb9c-fff7-4c5c-a7ec-9bbc55e779ac
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Date: Thu, 07 Jul 2016 22:40:27 GMT
Response-Time: 20
Transfer-Encoding: chunked

{}

Notice Access-Control-Allow-Origin: * and also the Access-Control-Allow-Credentials and Access-Control-Allow-Headers headers are not set

Most helpful comment

The restify CORS plugin will be deprecated in the upcoming 5.x release in favor of https://github.com/TabDigital/restify-cors-middleware

All 9 comments

Digging more this entire CORS plugin seems to not be working, or if working very buggy.

Seems I am not the only one very confused by CORS in restify.

http://stackoverflow.com/questions/14338683/how-can-i-support-cors-when-using-restify

If I turn on restify.fullResponse() then I start to see some CORS related headers, but none of the properties I am setting the CORS plugin are taking effect.

Any update?

Any update?

Just this has worked fine to me.

server.use(restify.CORS({
credentials: true
}));

Em ter, 23 de ago de 2016 às 10:00, Rodrigo Vieira de Alencar <
[email protected]> escreveu:

Any update?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/restify/node-restify/issues/1151#issuecomment-241722246,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACnBYibHp-_LFMvq4mcdXgyhrVfwaPKbks5qiu7_gaJpZM4JHkhS
.


João Cândido de Souza Neto

The restify CORS plugin will be deprecated in the upcoming 5.x release in favor of https://github.com/TabDigital/restify-cors-middleware

Someone want to add some documentation on how to configure that plugin? Its a bit light on details, like on how to actually use it.

Hey @geuis, the module could certainly use some better documentation.

The JSDocs have helped me a lot, though they aren't being used to generate dcoumentation: https://github.com/Tabcorp/restify-cors-middleware/blob/master/src/index.js#L6-L34

Also, the tests do an excellent job of documenting the spec and showing how to use the module:
https://github.com/Tabcorp/restify-cors-middleware/blob/master/test/cors.actual.spec.js
https://github.com/Tabcorp/restify-cors-middleware/blob/master/test/cors.preflight.spec.js

In the past I called the following:

server.use(restify.CORS( {credentials: true, headers: ['x-framlin-ci']}));

Can anybody give me a hint or explain, what I have to call now, if I use restify-cors-middleware, to reach the same? Any experiments, I took, failed so far :-(

server.use(restify.plugins.bodyParser({"params":true})); server.use(cors.actual);

This worked for me

Was this page helpful?
0 / 5 - 0 ratings

Related issues

augustovictor picture augustovictor  Â·  4Comments

mongris picture mongris  Â·  5Comments

mikemilano picture mikemilano  Â·  4Comments

romandecker picture romandecker  Â·  5Comments

danhstevens picture danhstevens  Â·  6Comments