We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
If a browser sends an OPTIONS request, but origin it not match, now koajs/cors will return 404 status code, due to https://github.com/koajs/cors/blob/master/index.js#L60
OPTIONS
origin
koajs/cors
then the browser will warn 404, some user will confuse if they need to register an OPTION router.
should it return 204 here?
I don't find any clear description at SPEC:
https://www.w3.org/TR/cors 7.1.5 Cross-Origin Request with Preflight
7.1.5 Cross-Origin Request with Preflight
and according to spec below, OPTIONS should never return 404.
Responses to the OPTIONS method are not cacheable.
A 404 response is cacheable by default;
and Express will return 204, https://github.com/expressjs/cors/blob/master/lib/index.js#L178
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Background
If a browser sends an
OPTIONSrequest, butoriginit not match, nowkoajs/corswill return 404 status code, due to https://github.com/koajs/cors/blob/master/index.js#L60then the browser will warn 404, some user will confuse if they need to register an OPTION router.
Discuss
should it return 204 here?
I don't find any clear description at SPEC:
https://www.w3.org/TR/cors
7.1.5 Cross-Origin Request with Preflightand according to spec below,
OPTIONSshould never return 404.Responses to the OPTIONS method are not cacheable.A 404 response is cacheable by default;and Express will return 204, https://github.com/expressjs/cors/blob/master/lib/index.js#L178
The text was updated successfully, but these errors were encountered: