I have an API in Symfony 4 using NelmioCorsBundle. I have a Vue.js application that request that same API. I use google chrome as browser.
When I send a GET request There is no problem but when I send a POST I get the following response.
Access to XMLHttpRequest at 'https://my_api_domain/api/resource/custom-update' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
I understand it tell me that I need to set ‘Access-Control-Allow-Origin’ in my response headers. But for what I understand NelmioCorsBundle should be injecting it automatically.
The bundle is decared in bundle.php
return [ ... NelmioCorsBundleNelmioCorsBundle::class => ['all' => true], ... ];
Here is my settings for NelmioCorsBundle
nelmio_cors: defaults: origin_regex: true allow_origin: ['*'] allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE'] allow_headers: ['Content-Type', 'Authorization'] expose_headers: ['Link'] max_age: 3600 paths: '^/': ~
- I have already read the documentation for CORS.
- I do not want a hack to make it work on Chrome or Firefox.
- I have tried to inject manually the ‘Access-Control-Allow-Origin: *’ in my response
What did I miss ?
Source: Symfony Questions