π [Bug]: CORS issue
owen-mills opened this issue Β· comments
Bug Description
When upgrading from 2.52.0 to 2.52.3 we started encountering CORS issue with our app.
The preflight request would return successfully, but subsequent GET requests would fail with CORS error:
Access to XMLHttpRequest at 'xxxx' from origin 'yyyy' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This appears to be related to this recently added code: https://github.com/gofiber/fiber/blob/main/middleware/cors/cors.go#L174
The middleware exits early for any request without an Access-Control-Request-Method header, which is typically just sent on preflight requests.
This means that responses to all other requests don't include the Access-Control-Allow-Origin.
How to Reproduce
Create a gofiber app using cors middleware
In browser, make a cross-origin request to this app from an allowed origin
Expected Behavior
Request should not give CORS error
Fiber Version
v2.52.3
Code Snippet (optional)
package main
import "github.com/gofiber/fiber/v3"
import "log"
func main() {
app := fiber.New()
// Steps to reproduce
log.Fatal(app.Listen(":3000"))
}
Checklist:
- I agree to follow Fiber's Code of Conduct.
- I have checked for existing issues that describe my problem prior to opening this one.
- I understand that improperly formatted bug reports may be closed without explanation.
Thanks for opening your first issue here! π Be sure to follow the issue template! If you need help or want to chat with us, join us on Discord https://gofiber.io/discord
Thx for the report, but it is already fixed in the last version.
https://github.com/gofiber/fiber/releases/tag/v2.52.4