OPTION CORS not allowed

[docsa]

I currently write an ember.js client for this API.
browsers send an OPTIONS request before any access.
Could you add those lines after line #45 in index.js ?

  res.set('Access-Control-Allow-Origin', '*');
  // add CORS compliance
  res.set('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
  res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, Content-Length, X-Requested-With');

// intercept OPTIONS method
if ('OPTIONS' == req.method) {
  res.send(200);
}
else {
  next();
}

(I tried au pull request but i am not allowed to push)
Thanks
Alain

[ethanresnick]

Thanks for pointing this out Alain! Can you check out the code in this branch and let me know if it works for your use case? If it does, i'll merge it in. I think it should be good, but I may have missed some CORS subtlety.

[docsa]

Sorry for late answer. As is, your code does not work : you need to send 'Access-Control-Allow-Origin' with each annswer. This code does work : app.use(function(req, res, next) { res.set('Access-Control-Allow-Origin', '*'); res.set('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS'); res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, Content-Length, X-Requested-With'); // intercept OPTIONS method if ('OPTIONS' == req.method) { res.send(200); } else { next(); } })

…

--- Regards Alain De : Ethan [mailto:notifications@github.com] Envoyé : mercredi 3 mai 2017 21:10 À : ethanresnick/json-api-example <json-api-example@noreply.github.com> Cc : Alain Couchot <alain.couchot@docsa.fr>; Author <author@noreply.github.com> Objet : Re: [ethanresnick/json-api-example] OPTION CORS not allowed (#12) Thanks for pointing this out Alain! Can you check out the code in this branch<https://github.com/ethanresnick/json-api-example/tree/cors> and let me know if it works for your use case? If it does, i'll merge it in. I think it should be good, but I may have missed some CORS subtlety. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub<#12 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYHbyTkButt5h3aWCv2Ka99Ekd0hi00xks5r2NEEgaJpZM4NMt4X>.