I recently migrated to restify beta, and following that restify.CORS is no longer available.
I tried to use the restify-cors-middleware module but it doesn't work, when I looked closely at the npm list of installed modules I noticed it's not even supposed to work for restify beta? (beta is version 5 and above)
npm ERR! peer dep missing: [email protected] - 4.3.x, required by [email protected]
If that is the case, is there another way for me to use CORS in the beta?
Is there no solution for it at all in the beta?
The CORS plugin has been deprecated in 5.x, we've been steering people to: https://github.com/TabDigital/restify-cors-middleware instead.
This is what I'm using, it's not working for me.
You can also see that I opened an issue a while ago in that repository:
https://github.com/TabDigital/restify-cors-middleware/issues/22
Hi @yunong, one of the maintainers of https://github.com/TabDigital/restify-cors-middleware here. We're very happy that you like our implementation of CORS! Here's 2 things we'd need to look at to make it work on Restify 5, and make the integration more stable:
The part that breaks in Restify 5 is the following line:
var DEFAULT_ALLOW_HEADERS = restify.CORS.ALLOW_HEADERS;
I'll have a look at other ways we can get the default list of headers allowed by Restify. We could bake it into the plugin (copy-pasted from lib/plugins/cors.js#L10), however hard-coding headers like x-api-version doesn't seem very future-proof. Can you think of a stable way to get it dynamically?
Because the main problems with CORS were in preflight requests, we only implemented preflight.... and simply delegate actual requests back to Restify :smile: Of course this would have to change if you delete lib/plugins/cors.js.
I'm happy to simply import the code as-is into our plugin. We'll just have the same questions as above: how can we get the list of exposed headers in a stable way, e.g. api-version?
Thanks!
Hey @yunong @rprieto, any update on that?
Whoops, looks like some crossed wires here! I think we assumed incorrectly that restify-cors-middleware replaces CORS wholesale within restify. If that's not the case, I think our effort is better focused by getting the work started over here compliant with the existing tests @rprieto and folks have put together for the restify-cors-middleware plugin.
That said, @royibernthal it's unlikely any of the maintainers will have a chance to get to that work anytime soon. :( I'd recommend falling back on 4.x if CORS is something blocking your progress - given it's beta status there are still a few kinks to work out and we wouldn't recommend using it in production just yet.
No problem. It's actually trivial for us to pull in the "actual" request support, hence breaking the cycle. Happy to start working on that tomorrow, and we can aim to release a new version soon.
@rprieto you can use the restify plugins package to resolve CORS errors.
use it like so
server.use(plugins.fullResponse())
If @roblav96, what do you mean? This is about creating a new CORS plugin, instead of relying on fullResponse which I think only supports Access-Control-Allow-Origin: *.
@rprieto Oh, I didn't fully read everything.
Maybe add custom headers in the opts?
server.opts(/.*/, function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*')
res.header('Access-Control-Allow-Methods', req.header('Access-Control-Request-Method'))
res.header('Access-Control-Allow-Headers', req.header('Access-Control-Request-Headers'))
res.send(200)
return next()
})
Gentle bump. Restify 5 is out, the migration docs notes to use TabDigital's plugin but it is still not compatible with 5 (TypeError: Cannot read property 'ALLOW_HEADERS' of undefined among other things).
What do you want to do?
Hi, I just pushed [email protected], can you let me know if it works?
Looking better now. No error. But, can you take the peer dependency out of package.json?
npm WARN [email protected] requires a peer of [email protected] - 4.3.x but none was installed.
And thanks for the quick response. Sorry :)
@rprieto +1 for updating the peer dependency. Preventing me from deploying various updates to Heroku.
Can you try version 1.0.1? The peer dependency should now have restify: 2.6-5.
@rprieto [email protected] works fine with [email protected].
Closing as this appears to be fixed in restify-cors-middleware
does this hurt?
npm WARN [email protected] requires a peer of [email protected] - 5.x.x but none was installed.
im using [email protected]
@edgracilla the latest version of restify-cors-middleware should have solved this.
Huh, doesn't look like it was published...
@rprieto any update?
In the meantime you can use npm install --save Tabcorp/restify-cors-middleware
Warnings gone. Thanks!
please release new version to NPM.
@tapankumar restify-cors-middleware is not part of the restify organization. You should open an issue here: https://github.com/Tabcorp/restify-cors-middleware
Most helpful comment
Can you try version
1.0.1? The peer dependency should now haverestify: 2.6-5.