I am having on/off issues with CORS on my app setup with Nelmio CORS Specifically, issue arises on /specs route, which should download pdf docs. All other seem to work fine. The request headers correctly shows Origin as https://www.example.com The web directory looks as below: /backend /config …. /public_html specs/ images/ .htaccess index.php CORS config ..
I am using the nelmio bundle with the folliwing configuration nelmio_cors: paths: ‘^/api/’: allow_origin: [‘%env(CORS_ALLOW_ORIGIN)%’] allow_headers: [‘Content-Type’, ‘Authorization’, ‘some-custom-header’] allow_methods: [‘POST’, ‘PUT’, ‘GET’, ‘DELETE’] max_age: 3600 CORS_ALLOW_ORIGIN: "*" On my preflight request I get the correct header, here is a part of the curl : < access-control-allow-origin: https://my-domain-client.company-sandbox.com < access-control-allow-headers: content-type, authorization, some-custom-header < access-control-allow-methods: ..
I had problem on my Vue, Symfony (using Docker for setup) project with CORS policy that blocked my requests on API so I included nelmio-cors-bundle and set it up so regular responces work now. Here is my nelmio config: nelmio_cors: defaults: origin_regex: true allow_origin: [‘%env(CORS_ALLOW_ORIGIN)%’] allow_methods: [‘GET’, ‘OPTIONS’, ‘POST’, ‘PUT’, ‘PATCH’, ‘DELETE’] allow_headers: [‘Content-Type’, ‘Authorization’] ..
I have Symfony Rest API on /api context and everything works fine. Additionally, I host static pdf files in the /public/uploads directory. When getting file path through frontend browser throws error Access to fetch at ‘http://127.0.0.1:8000/uploads/b8b3a04a69f59a6c20c9c153281657d5.pdf’ from origin ‘http://192.168.8.111:8080’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If ..
I have an API in Symfony 4 using NelmioCorsBundle. I have a Vue.js application that request that same API. I use google chrome as browser. When I send a GET request There is no problem but when I send a POST I get the following response. Access to XMLHttpRequest at ‘https://my_api_domain/api/resource/custom-update’ from origin ‘http://localhost:8080’ has ..