Liana totally overrides pre-existing cors configurations
Shahor opened this issue Β· comments
Expected behavior
Liana doesn't override the cors preferences set by previous middlewares.
It could just append hosts to the existing origins.
It could also respect the predefined maxAge value.
Actual behavior
It overrides origin and maxAge, making it very difficult to handle custom cors
configurations.
It's also very hard to track who modifies those headers.
Failure Logs
TODO: Please include any relevant log snippets, if necessary.
Context
TODO: Please provide any relevant information about your setup.
- Package Version:
βββ¬ forest-express-sequelize@2.16.9
β βββ¬ forest-express@2.15.4
- Express Version:
- 4.16.3
Hi @Shahor, I am not convinced that the liana overrides the cors configuration of your server.
Maybe it is a configuration issue.
Can you detail how (in which order) you declare your middlewares to give us some insights about what the issue is?
Thanks for your help.
Hello,
https://github.com/ForestAdmin/forest-express/blob/devel/src/index.js#L115-L119
If I'm not mistaken, this bit of code overrides whatever cors
configuration was already set
Hi @Shahor,
Can you please πanswer to my previous questions about the order of your middlewares (your own CORS and ForestAdmin init)?
We use our own tool in our express servers and don't observe such issues but we use an undocumented liana initialisation configuration:
Liana.init({
expressParentApp: app, // Express parent app
envSecret: process.env.FOREST_ENV_SECRET,
authSecret: process.env.FOREST_AUTH_SECRET,
sequelize: Sequelize,
connections: [sequelize], // Array of sequelize connections
});
Let me know if it helps
Hi @Shahor, this is fixed in v5 lianas.
Feel free to reopen this ticket if the issue persists after the upgrade.
π²π²π²