fast-proxy icon indicating copy to clipboard operation
fast-proxy copied to clipboard
verified publisher icon fastify

[undici] Preflight requests from Safari

Open Maxime-J opened this issue 2 years ago • 4 comments

Prerequisites

  • [X] I have written a descriptive issue title
  • [X] I have searched existing issues to ensure the issue has not already been raised

Issue

A thing to be aware of when undici is used. In a CORS situation, preflight requests from Safari lead to 500 error.

Indeed, Safari sends an OPTIONS request with a content-length: 0 header, which is not well handled by undici in that situation.

It can be fixed by removing that content-length header, if present (Chrome doesn't send it), before calling the proxy function:

if(req.method === 'OPTIONS' && req.headers.hasOwnProperty('content-length')){
  delete req.headers['content-length'];
}
proxy(...

Maxime-J avatar Mar 13 '23 14:03 Maxime-J

Why not fix it in upstream undici?

Uzlopak avatar Mar 13 '23 15:03 Uzlopak

Agree, I didn't expect it to be fixed here. Just think it's worth mentioning for other users, with a quick fix, as it should be quite common in a proxy situation, and can easily pass under the radar. I will open an issue in undici linking that one.

Maxime-J avatar Mar 13 '23 15:03 Maxime-J

After more digging, it turns out fast-proxy already handles that content-length header issue for GET and HEAD methods. Seems logical to fix it here then, I'll submit a PR to add the OPTIONS method.

Maxime-J avatar Mar 13 '23 19:03 Maxime-J

Looking forward.

Uzlopak avatar Mar 13 '23 19:03 Uzlopak