openapi-backend icon indicating copy to clipboard operation
openapi-backend copied to clipboard
verified publisher icon openapistack

Handler for preflight requests with correct access-control-allow-methods

Open anttiviljami opened this issue 4 years ago • 0 comments

Two things are needed:

  1. A way to handle all preflight (OPTIONS) requests. Right now they are likely handled by the notFound handler.
  2. A way to get the allowed methods for any api path.

Expectation:

// handle all OPTIONS requests
api.register('preflightHandler', (c) => {
  const headers = {
    "access-control-allow-methods": c.api.getAllowedMethods(c),
    "access-control-allow-headers": "Authorization",
    "access-control-allow-origins": c.request.headers.origin,
    "access-control-allow-credentials": "true",
  };

  // return empty body for OPTIONS
  return replyJSON(null, { headers });
})

anttiviljami avatar Nov 15 '21 11:11 anttiviljami