When allowed origins are configured, it blocks even same origin requests #50

haneul · 2019-10-18T04:22:24Z

Hello!
I'm trying to use your library to apply cors in akka-http.

When I configured with
cors(settings) { route }
and settings includes allowedOrigins, it seems that the requests from the same origin also be blocked with invalidOrigin rejection. Is there a good way to filter that out?

The text was updated successfully, but these errors were encountered:

lomigmegard · 2019-11-05T18:29:04Z

Hi!

Could you provide an example request/response and the full settings you are using?

akka-http is not aware of its "same" origin and treat it as any other origin.

haneul · 2019-11-18T19:43:49Z

so let's say we run the akka server on
https://10.0.1.1

and have allowed origin with https://10.0.1.2
then when you access https://10.0.1.1 and it makes XHR to the its own APIs, it was rejected from akka-cors as you mentioned that it's not aware of its same origin, which seemed weird to me.

lomigmegard added the question label Nov 5, 2019

lomigmegard self-assigned this Nov 5, 2019

Repository owner deleted a comment from synchrovision Jan 24, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

When allowed origins are configured, it blocks even same origin requests #50

When allowed origins are configured, it blocks even same origin requests #50

haneul commented Oct 18, 2019

lomigmegard commented Nov 5, 2019

haneul commented Nov 18, 2019

When allowed origins are configured, it blocks even same origin requests #50

When allowed origins are configured, it blocks even same origin requests #50

Comments

haneul commented Oct 18, 2019

lomigmegard commented Nov 5, 2019

haneul commented Nov 18, 2019