V8-archive: Set cors.max_age to a higher default

Created on 29 Apr 2019  路  4Comments  路  Source: directus/v8-archive

Feature Request

Set the max_age value for CORS to a default that's not null.

What problem does this feature solve?

Every request in the application gets effectively 'doubled' by the need of a preflight CORS request. By setting the max_age option, we can cache the responses of the preflight, which negates the needs of a preflight for every individual request. (ht to @mvhirsch in https://github.com/directus/api/issues/917)

How do you think this should be implemented?

https://github.com/directus/api/blob/56d53e695fbafc3a135034efe2f5dd2df793cf74/src/core/Directus/Util/Installation/InstallerUtils.php#L923

Swap out null for a value (in seconds) like 600 (10 minutes)

Can we think of any reason why we _shouldn't_ change this? @theharshin @bjgajjar

Ref:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age

enhancement help wanted
Source
picture rijkvanzanten

Most helpful comment

@rijkvanzanten Looks fine to me. Just to mention that we're setting this at the maximum allowed in Chromium browsers. Ref.

picture theharshin on 3 May 2019
😄1 👍1

All 4 comments

:grin: #921

mvhirsch picture mvhirsch on 29 Apr 2019
2

Lets take a second before merging to verify we don't break anything 馃榿

rijkvanzanten picture rijkvanzanten on 29 Apr 2019

Just preparing. Closing is always an option :grin:

mvhirsch picture mvhirsch on 29 Apr 2019

@rijkvanzanten Looks fine to me. Just to mention that we're setting this at the maximum allowed in Chromium browsers. Ref.

theharshin picture theharshin on 3 May 2019
😄1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ondronix picture ondronix  路  3Comments
jwkellyiii picture jwkellyiii  路  3Comments
cdwmhcc picture cdwmhcc  路  3Comments
cdwmhcc picture cdwmhcc  路  3Comments
cdwmhcc picture cdwmhcc  路  3Comments