gregorbg
03/18/2020, 4:14 PMCORS
feature as per https://ktor.io/servers/features/cors.html and everything works for GET
. However with POST
it seems that Chrome (version 80.0.3987.106) does not send the Origin
header, so the ktor intercept function does not reply with the Access-Control-Allow-Origin
header as it should. If I enforce the response header through the DefaultHeaders
feature, POST
works but then for GET
Chrome complains because it does send the Origin
header there and so with CORS
+ DefaultHeaders
feature the response header is being set twice (and Chrome doesn't like that...). Any clue how I can work around this issue without waiting for Google to fix their stuff?
EDIT: Not only does Chrome not send Origin
headers when `POST`ing by default, it also explicitly removes them when I instruct my frontend (JavaScript fetch
) to send an Origin
header along with the request.gotoOla
03/18/2020, 10:32 PMinstall(CORS) {
header(HttpHeaders.Authorization)
methods.addAll(listOf(HttpMethod.Get, <http://HttpMethod.Post|HttpMethod.Post>, HttpMethod.Put, HttpMethod.Delete, HttpMethod.Options))
host("<http://specific-domain.net:3000|specific-domain.net:3000>", subDomains = listOf("localhost"))
host("<http://specific-domain.com:3000|specific-domain.com:3000>", subDomains = listOf("localhost"))
}
did you add those methods?