I am using the nelmio bundle with the folliwing configuration
nelmio_cors:
paths:
'^/api/':
allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
allow_headers: ['Content-Type', 'Authorization', 'some-custom-header']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
max_age: 3600
CORS_ALLOW_ORIGIN: "*"
On my preflight request I get the correct header, here is a part of the curl :
< access-control-allow-origin: https://my-domain-client.company-sandbox.com
< access-control-allow-headers: content-type, authorization, some-custom-header
< access-control-allow-methods: POST, PUT, GET, DELETE
< access-control-max-age: 3600
Then when the real request is coming to https://my-domain-api.company-sandbox.com/api/my_route
I dont receive the Access-Control-Allow-Origin header, and I get browser error.
Any idea ?
Source: Symfony Questions
Was this helpful?
0 / 0