Category : cors

I am using the nelmio bundle with the folliwing configuration nelmio_cors: paths: ‘^/api/’: allow_origin: [‘%env(CORS_ALLOW_ORIGIN)%’] allow_headers: [‘Content-Type’, ‘Authorization’, ‘some-custom-header’] allow_methods: [‘POST’, ‘PUT’, ‘GET’, ‘DELETE’] max_age: 3600 CORS_ALLOW_ORIGIN: "*" On my preflight request I get the correct header, here is a part of the curl : < access-control-allow-origin: https://my-domain-client.company-sandbox.com < access-control-allow-headers: content-type, authorization, some-custom-header < access-control-allow-methods: ..

Read more

I am running the following CURL curl -IX OPTIONS "http://example.com/api/resource?p=1&itemPerPage=2&order[date]=asc" The curl from my computer receive the following response. HTTP/1.1 200 OK Date: Thu, 19 Nov 2020 15:21:39 GMT Server: Apache/2.4.38 (Debian) X-Powered-By: PHP/7.4.11 Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, OPTIONS, POST Content-Length: 0 Content-Type: text/html; charset=UTF-8 Same request did from browser: General: Request URL: http://example.com/api/resource?p=1&itemPerPage=2&order[date]=asc Request ..

Read more

I use Symfony 5 and React, with docker, and both are on the same network. Now I want to POST something on one of my api route, here is my request: const handleSubmit = async function (e) { setError(null) setLoading(true) e.preventDefault() const data = new FormData(e.target) console.warn(data) try { const response = await fetch(‘https://localhost:8443/authentication_token’, { ..

Read more

I want to debug the Request sent to my Controller method : use FOSRestBundleControllerAnnotations as Rest; use SymfonyBundleFrameworkBundleControllerAbstractController; use SymfonyComponentHttpFoundationRequest; use SymfonyComponentHttpFoundationResponse; class IteropController extends AbstractController { /** * @RestPost("/api/getiterop", name="api_get_iterop") * @RestRequestParam(name="sary", nullable=true) */ public function getIteropForm(Request $req) { $response = new Response(); $response->headers->set(‘Access-Control-Allow-Origin’, ‘*’); $response->headers->set(‘Content-Type’, ‘application/json’); $response->setContent(json_encode([‘prenom’ => $req->request->get(‘prenom’) , ‘sary’ => $req->files->get(‘sary’) ..

Read more

I had problem on my Vue, Symfony (using Docker for setup) project with CORS policy that blocked my requests on API so I included nelmio-cors-bundle and set it up so regular responces work now. Here is my nelmio config: nelmio_cors: defaults: origin_regex: true allow_origin: [‘%env(CORS_ALLOW_ORIGIN)%’] allow_methods: [‘GET’, ‘OPTIONS’, ‘POST’, ‘PUT’, ‘PATCH’, ‘DELETE’] allow_headers: [‘Content-Type’, ‘Authorization’] ..

Read more

I have Symfony Rest API on /api context and everything works fine. Additionally, I host static pdf files in the /public/uploads directory. When getting file path through frontend browser throws error Access to fetch at ‘http://127.0.0.1:8000/uploads/b8b3a04a69f59a6c20c9c153281657d5.pdf’ from origin ‘http://192.168.8.111:8080’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If ..

Read more

We had been using API Platform along with CORS thanks to nelmio/cors-bundle But now we wanted to enable the client-side itemsPerPage parameter: //api_platform.yaml api_platform: resource: . type: api_platform collection: pagination: client_items_per_page: true # Disabled by default Adding the collection option (api_platform.yaml) introduces a CORS error. "…has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is ..

Read more

The situation: Whenever you visit this URL in Safari https://nvm.samengroen.com/plan/basic/497 and look in the console there are errors regarding XMLHttpRequest and access control checks. The strange part is, when I have the Developer Tool open and reload the page it works fine. Can someone clarify why it does work with Developer Tools opened. And what ..

Read more