Skip to content

fix: detection of CORS preflight requests for skipCorsPreflight option#8

Merged
eelkevdbos merged 1 commit intoeelkevdbos:mainfrom
Luzefiru:patch-1
Jan 17, 2025
Merged

fix: detection of CORS preflight requests for skipCorsPreflight option#8
eelkevdbos merged 1 commit intoeelkevdbos:mainfrom
Luzefiru:patch-1

Conversation

@Luzefiru
Copy link
Contributor

@Luzefiru Luzefiru commented Jan 12, 2025

It seems like this checker was checking the incorrect request header. Cross-Origin-Request-Method doesn't seem to be included in CORS preflight requests, so I changed it to Access-Control-Request-Method and the skipCorsPreflight works now.

image

/**
 * Checks if the request is a CORS preflight request
 */
function isCORSPreflightRequest(request: Request) {
  return (
    request.method === "OPTIONS" &&
    request.headers.has("Origin") &&
-    request.headers.has("Cross-Origin-Request-Method")
+    request.headers.has("Access-Control-Request-Method")
  )
}

@Luzefiru Luzefiru mentioned this pull request Jan 12, 2025
Merged
2 tasks
@eelkevdbos
Copy link
Owner

eelkevdbos commented Jan 17, 2025

Thanks, this looks good!

@eelkevdbos eelkevdbos merged commit ea3f53b into eelkevdbos:main Jan 17, 2025
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Luzefiru @eelkevdbos