kandi background
kandi background
Explore Kits
kandi background
Explore Kits
kandi background
Explore Kits
kandi background
Explore Kits
Explore all Swagger open source software, libraries, packages, source code, cloud functions and APIs.

Popular New Releases in Swagger

0.75.2

修复 沙箱 提权问题

OAS 3.1.0 Released!

Swagger UI v4.10.3 Released!

v7.8.1

fastapi

0.75.2

yapi

修复 沙箱 提权问题

OpenAPI-Specification

OAS 3.1.0 Released!

swagger-ui

Swagger UI v4.10.3 Released!

generator-jhipster

v7.8.1

Popular Libraries in Swagger

Trending New libraries in Swagger

Top Authors in Swagger

1

19 Libraries

44532

2

12 Libraries

3420

3

11 Libraries

5356

4

10 Libraries

4084

5

9 Libraries

4914

6

9 Libraries

5686

7

9 Libraries

1612

8

9 Libraries

29

9

8 Libraries

1169

10

8 Libraries

1787

1

19 Libraries

44532

2

12 Libraries

3420

3

11 Libraries

5356

4

10 Libraries

4084

5

9 Libraries

4914

6

9 Libraries

5686

7

9 Libraries

1612

8

9 Libraries

29

9

8 Libraries

1169

10

8 Libraries

1787

Trending Kits in Swagger

No Trending Kits are available at this moment for Swagger

Trending Discussions on Swagger

    400 response to CORS preflight
    Asp.Net Core 6 Sort Swagger UI Tags Alphabetically
    Springboot 2.6.0 / Spring fox 3 - Failed to start bean 'documentationPluginsBootstrapper'
    Keycloak 17: Unsatisfied dependency for type org.keycloak.models.KeycloakSession and qualifiers [@Default]
    Microsoft.Extensions.Hosting.HostFactoryResolver+HostingListener+StopTheHostException
    How to use appsettings.json in Asp.net core 6 Program.cs file
    How can I use DateOnly/TimeOnly query parameters in ASP.NET Core 6?
    502 Error: Bad Gateway on Azure App Service with IronPDF
    How to specify schema for nested json in flask_restx?
    How to enable cors in ASP.NET Core 6.0 Web API project?

QUESTION

400 response to CORS preflight

Asked 2022-Apr-02 at 10:21

I have swagger (docker: swaggerapi/swagger-ui) running on swagger.mydomain.com with two definitions for api servers running on a.mydomain.com and b.mydomain.com

Both a and b are flask (python) servers. a.mydomain.com had CORS set up for a while now due to serving a webapp on a fourth subdomain. This works fine both on that subdomain, as well as in swagger. Now I did the same CORS setup for b.mydomain.com, however without success.

The setup on both servers looks like this:

1from flask import Flask
2from flask_cors import CORS
3
4app = Flask(__name__)
5CORS(app, origins=r"^.*(mydomain\.com)")
6

As I said, this works on a.mydomain.com, but not on b.mydomain.com.

Preflight looks identical, except the urls, the status code (200 and 400 respectively) as well as that the working request has an additional allow: POST, OPTIONS header. I don't see any difference in code to justify this additional header.

The failed preflight request takes 150ms which is double of the working request.

Executing a request via swagger provides a curl request. Executing this locally gives the expected output, so the request is generally correct.

I have no idea what else to try. As far as I can see, a and b.mydomain.com are set up exactly the same. What could be wrong here?

ANSWER

Answered 2021-Sep-17 at 23:52

A 400 is a pretty unusual response code for a preflight response. That suggests the endpoint might be configured to expect a certain request body/payload or headers in the request regardless of what the HTTP method is for the request. But since for the preflight OPTIONS request, the browser sends no request body and no additional header, the server code is not receiving what it expects.

For such cases, the fix is to ensure you have a specific, separate handler for OPTIONS requests configured for that route/endpoint.

Source https://stackoverflow.com/questions/69227515

Community Discussions contain sources that include Stack Exchange Network

    400 response to CORS preflight
    Asp.Net Core 6 Sort Swagger UI Tags Alphabetically
    Springboot 2.6.0 / Spring fox 3 - Failed to start bean 'documentationPluginsBootstrapper'
    Keycloak 17: Unsatisfied dependency for type org.keycloak.models.KeycloakSession and qualifiers [@Default]
    Microsoft.Extensions.Hosting.HostFactoryResolver+HostingListener+StopTheHostException
    How to use appsettings.json in Asp.net core 6 Program.cs file
    How can I use DateOnly/TimeOnly query parameters in ASP.NET Core 6?
    502 Error: Bad Gateway on Azure App Service with IronPDF
    How to specify schema for nested json in flask_restx?
    How to enable cors in ASP.NET Core 6.0 Web API project?

QUESTION

400 response to CORS preflight

Asked 2022-Apr-02 at 10:21

I have swagger (docker: swaggerapi/swagger-ui) running on swagger.mydomain.com with two definitions for api servers running on a.mydomain.com and b.mydomain.com

Both a and b are flask (python) servers. a.mydomain.com had CORS set up for a while now due to serving a webapp on a fourth subdomain. This works fine both on that subdomain, as well as in swagger. Now I did the same CORS setup for b.mydomain.com, however without success.

The setup on both servers looks like this:

1from flask import Flask
2from flask_cors import CORS
3
4app = Flask(__name__)
5CORS(app, origins=r"^.*(mydomain\.com)")
6

As I said, this works on a.mydomain.com, but not on b.mydomain.com.

Preflight looks identical, except the urls, the status code (200 and 400 respectively) as well as that the working request has an additional allow: POST, OPTIONS header. I don't see any difference in code to justify this additional header.

The failed preflight request takes 150ms which is double of the working request.

Executing a request via swagger provides a curl request. Executing this locally gives the expected output, so the request is generally correct.

I have no idea what else to try. As far as I can see, a and b.mydomain.com are set up exactly the same. What could be wrong here?

ANSWER

Answered 2021-Sep-17 at 23:52

A 400 is a pretty unusual response code for a preflight response. That suggests the endpoint might be configured to expect a certain request body/payload or headers in the request regardless of what the HTTP method is for the request. But since for the preflight OPTIONS request, the browser sends no request body and no additional header, the server code is not receiving what it expects.

For such cases, the fix is to ensure you have a specific, separate handler for OPTIONS requests configured for that route/endpoint.

Source https://stackoverflow.com/questions/69227515