node-slack-sdk
node-slack-sdk copied to clipboard
Web-API CORS Issue with Authorization Header
We're developing a browser application that uses @slack/web-api
package to interact with the Slack API.
As part of the change in https://github.com/slackapi/node-slack-sdk/pull/1337, auth token is now being sent in the Authorization
header, however Slack API endpoints do not return this header as part of Access-Control-Allow-Headers
in preflight requests.
This causes any version of @slack/web-api
including and above 6.5.0 to not work in a browser environment.
Versions 6.4.0 and below work as they send the token in the request body.
Is it possible to make this behavior (send in the body vs. the header configurable) or alternatively is it possible for Slack API endpoints to return the Authorization header as part of the Access-Control-Allow-Headers
list in the preflight response?
Packages:
@slack/web-api
Reproducible in:
The Slack SDK version
6.5.0 and above
Node.js runtime version
16.15.1
OS info
any OS, Chrome latest version
Steps to reproduce:
- Use
@slack/web-api
v.6.5.0 or above to send a request to Slack API in a browser environment
Expected result:
@slack/web-api
should work in a browser environment
Actual result:
@slack/web-api
does not work in a browser environment
Requirements
For general questions/issues about Slack API platform or its server-side, could you submit questions at https://my.slack.com/help/requests/new instead. :bow:
Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.
Hi @kaandok, thanks for writing in. I don't think that this project will add such a customization at least in the short term. If you need this right now, I would suggest creating your own small HTTP client for it.
👋 It looks like this issue has been open for 30 days with no activity. We'll mark this as stale for now, and wait 10 days for an update or for further comment before closing this issue out. If you think this issue needs to be prioritized, please comment to get the thread going again! Maintainers also review issues marked as stale on a regular basis and comment or adjust status if the issue needs to be reprioritized.
Thanks again for your time and interest here. Unfortunately, we are not planning to take any actions at least in the short term. Let us close this issue now.