Comments (7)
zhhz
commented on July 20, 2024
I could be wrong, is that related to this commit?
from cors_plug.
mschae
commented on July 20, 2024
Hey @zhhz sorry for the late reply.
It looks like you're trying to pass an empty list to access-control-expose-headers. That's illegal and therefore it's correct that you get the error you're seeing.
Can you please post a code snipper here showing how you configured the plug?
Thanks,
Michael
from cors_plug.
slashmili
commented on July 20, 2024
@mschae I have this config in my endpoint:
plug CORSPlug, origin: ["https://localhost:5000", "http://localhost:5000"], headers: ["Content-Type", "x-csrf-token"]
and most of my tests are failing this is the error message:
3) test logins user with correct password (Interface.API.LoginControllerTest)
test/controllers/api/login_controller_test.exs:13
** (FunctionClauseError) no function clause matching in anonymous fn/2 in Plug.Conn.merge_resp_headers/2
The following arguments were given to anonymous fn/2 in Plug.Conn.merge_resp_headers/2:
# 1
{"access-control-expose-headers", []}
# 2
[{"cache-control", "max-age=0, private, must-revalidate"}, {"x-request-id", "i7s0iaroobcmmpivhtq7l42csh74mrq2"}, {"vary", "Origin"}, {"access-control-allow-origin", "null"}]
code: conn = post conn, login_path(conn, :login), %{email: user.email, password: @valid_password}
stacktrace:
(plug) lib/plug/conn.ex:663: anonymous fn/2 in Plug.Conn.merge_resp_headers/2
(elixir) lib/enum.ex:1826: Enum."-reduce/3-lists^foldl/2-0-"/3
(plug) lib/plug/conn.ex:663: Plug.Conn.merge_resp_headers/2
(cors_plug) lib/cors_plug.ex:33: CORSPlug.call/2
(interface) lib/interface/endpoint.ex:19: Interface.Endpoint.phoenix_pipeline/1
(interface) lib/interface/endpoint.ex:19: Interface.Endpoint.call/2
(phoenix) lib/phoenix/test/conn_test.ex:224: Phoenix.ConnTest.dispatch/5
test/controllers/api/login_controller_test.exs:14: (test)
from cors_plug.
mschae
commented on July 20, 2024
@slashmili Sorry to hear it. I'm a bit stumped, it looks like the expose headers option is a list. This line however should prohibit that:
https://github.com/mschae/cors_plug/blob/master/lib/cors_plug.ex#L21
The only real explanation I have at this point is that the plug wasn't properly initiated.
Can you create an example project with a failing test somewhere?
Thanks
from cors_plug.
houmanka
commented on July 20, 2024
@slashmili I encounter the same issue.
So I copied the default into the endpoint.ex
plug CORSPlug, [
origin: "*",
credentials: true,
max_age: 1728000,
headers: ["Authorization", "Content-Type", "Accept", "Origin",
"User-Agent", "DNT","Cache-Control", "X-Mx-ReqToken",
"Keep-Alive", "X-Requested-With", "If-Modified-Since",
"X-CSRF-Token", "company"],
expose: [],
methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"]
]
plug Web.Router
and everything started to work fine
BTW, Same error wasn't because of the company
This was the original
plug CORSPlug, headers: ["*"]
plug Web.Router
Then frontend developer notified me that the DELETE method gets the CORS error. So I checked it and find out that he is sending OPTIONS instead of DELETE. However it is not passing the CORS so I added the default to the config as above and everything started to work fine ( Strange!! )
from cors_plug.
slashmili
commented on July 20, 2024
I somehow managed to fix the problem, I forgot to report it back. I don't recall the details but I guess I did something wrong 😆
from cors_plug.
mschae
commented on July 20, 2024
I'll close this for now.
from cors_plug.
Related Issues (20)
- Support wildcard subdomains HOT 2
- Origin validation on OPTIONS HOT 3
- No CORS headers embedded in Plug.ErrorHandler code path HOT 2
- General CORS library HOT 3
- Options Requests without `Access-Control-Request-Method` should not be halted
- Unreachable code? HOT 2
- Support Plug 1.7 dependency HOT 1
- "Access-Control-Allow-Origin" is null when using regex for origin? HOT 3
- Configuration not working with Elixir 1.9 releases HOT 3
- Regex from string HOT 1
- FunctionClauseError when origin option is a list containing a regex HOT 1
- Regex isn't working on preflight request HOT 5
- A way to enable logging - difficult to configure HOT 3
- CORS Header empty HOT 2
- Looks like init function is called during the compile time HOT 1
- Access-Control-Allow-Credentials should not be included if set to false
- Headers cannot be set dynamically
- Minor security issue with origin checks
- Using config.ex does not work HOT 1
- default config of origin: * and credentials: true seems invalid?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors_plug.