-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix return value for origin when none matched #16
Conversation
end | ||
|
||
def call(conn, options) do | ||
conn = put_in conn.resp_headers, conn.resp_headers ++ headers(conn, options) | ||
new_headers = headers(conn, options) | ||
conn = put_in(conn.resp_headers, new_headers) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will override previously set headers
I haven't gotten around to this, thanks for taking care of it! I added a few notes, if you could fix those and squash it all into one commit, please. Thanks again! |
@mschae awesome, glad to help. Lemme know if my last commit addresses everything, if so I'll squash and force push. |
Looks great, thanks so much @somlor! |
One little thing, looks like
Thoughts? |
Hm, didn't know that, sorry... Since that warning will likely be emitted when compiling this as a dep, please silently curse me and revert back to code comments. Sorry about that. |
lol, no worries at all. Will push up a single commit in a minute. 😸 |
problem: access-control-allow-origin header returns invalid nil value when request is not in whitelisted origin(s). this causes an erlang error: "Bad value on output port 'tcp_inet'" solution: return "null" string recommended in w3c spec https://www.w3.org/TR/cors/#access-control-allow-origin-response-header other changes: - replace deprecated Dict.merge with Keyword.merge - use parens and pipes for added clarity - add explanatory comments
Fix return value for origin when none matched
Published v1.1.1 based on this, thanks @somlor! |
Happy to help! Thanks for creating this. 👍 |
This fixes
[error] Bad value on output port 'tcp_inet'
when request origin is not in allowed origins, by returning"null"
string, instead of nil, which I believe is not a valid value for this header. See: https://www.w3.org/TR/cors/#access-control-allow-origin-response-headerNot entirely sure of the implications. Thoughts?