docs corsAllowOrigin dosn't set *

Also on stackoverflow

I currently have corsAllowOrigin: "*" #to allow all origins in my helm values file (as per docs). To make sure that the propper headers are bieng set on return values.

Now I would expect (as per docs) that the Access-Control-Allow-Origin: would now go to "*" however it goes to Access-Control-Allow-Origin: null. Thats ofcoure a bit anoying becouse it prevent react native apps of accessing the API.

Question here, is this a bug? Am I using the wrong values? Or overlooking something?

Reference api -> http://178.128.136.195/

And yes, I did wipe the symfony cach ;)

SOLVED should have been:

corsAllowOrigin: ['*'] #to allow all origins instead of corsAllowOrigin: "*" #to allow all origins

Mar 04 '19 14:03 rubenvdlinde

Do you use Varnish? If so, be sure to upgrade NelmioCors to the latest version, that fixes a cache pollution issue.

Mar 04 '19 15:03 dunglas

Good point, I checked that and the NelmioCors that is composed into Api Platform is the newest. According to the composer lock:

"name": "nelmio/cors-bundle",
           "version": "1.5.5",
           "source": {
               "type": "git",
               "url": "https://github.com/nelmio/NelmioCorsBundle.git",
               "reference": "adabee944e6fe52ee566caf1770a29355b1e8d83"
           },

And the NelmioCors release chart

Coming to thing of it, I also redid the entire helm install. so a caching issue dosn't make a lot of sence

Mar 04 '19 15:03 rubenvdlinde

Solved it, should have been:

corsAllowOrigin: ['*'] #to allow all origins instead of corsAllowOrigin: "*" #to allow all origins

Mar 04 '19 17:03 rubenvdlinde

Thanks for the feedback! Could you edit the docs with this fix please?

Mar 04 '19 17:03 dunglas

docs docs copied to clipboard

corsAllowOrigin dosn't set *

docs
docs copied to clipboard