Why CORS policy blocks request only when I dump?

I had problem on my Vue, Symfony (using Docker for setup) project with CORS policy that blocked my requests on API so I included nelmio-cors-bundle and set it up so regular responces work now.

Here is my nelmio config:

nelmio_cors:
defaults:
    origin_regex: true
    allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
    allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
    allow_headers: ['Content-Type', 'Authorization']
    expose_headers: ['Link']
    max_age: 3600
paths:
    '^/': null

And here is my controller:

/**
 * @Route("/movement-types")
 */
public function getMovementTypes(MovementTypeRepository $repo): Response
{
    $items = $repo->findAll();
    $response = new Response();
    $response->setContent(json_encode($items));
    return $response;
}

So far this works. But whenever I add dump() of var_dump() function into the controller CORS policy blocks it again. I tried to change the nelmio config to the most inclusive setting possible, but it didn’t work either.

nelmio_cors:
defaults:
    origin_regex: true
    allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
    allow_origin: ['*']
    allow_methods: ['*']
    allow_headers: ['*']
    expose_headers: ['Link']
    max_age: 3600
paths:
    '^/': null

I tried also this, even though I don’t think it is best possible solution. https://github.com/fruitcake/laravel-cors/issues/301 But it didn’t work either.
I didn’t find any other solutions or discussions on this topic.

Thanks for any help possible.

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *