2

I'm trying to add CORS headers to incoming requests but I've noticed that app.response.headers is an immutable map and app.request.response doesn't exist even though it appears in the documentation examples. So, to the OPTIONS request I'm replying using a new Shelf response, but I can't find a way to add any new headers to the response of the actual request. Any ideas?

@app.Interceptor(r"/api/.*", chainIdx: 1)
corsInterceptor() {

    if (app.request.method == "OPTIONS") {
        var response = new shelf.Response.ok("", headers: HEADERS);
        app.chain.interrupt(statusCode: HttpStatus.OK, responseValue: response);
    } else {
    // app.request.response is not available
        app.request.response.headers.add('Access-Control-Allow-Origin', '*');
        app.chain.next();
    }
}
Günter Zöchbauer
  • 623,577
  • 216
  • 2,003
  • 1,567
lucassp
  • 4,133
  • 3
  • 27
  • 36

1 Answers1

1

I found the fix in the first piece of code inside the Interceptor documentation...:)

@app.Interceptor(r"/api/.*", chainIdx: 1)
corsInterceptor() {
    if (app.request.method == "OPTIONS") {
        var response = new shelf.Response.ok("", headers: HEADERS);
        app.chain.interrupt(statusCode: HttpStatus.OK, responseValue: response);
    } else {
        app.chain.next(() => app.response.change(headers: HEADERS));
    }
}

app.chain.next() can take a callback as argument, which is expected to return a Response object. In this case app.response.change() returns a response with the correct headers.

lucassp
  • 4,133
  • 3
  • 27
  • 36