How to allow CORS and custom headers for POCO handleRequest method?

Question

I am working on the SPA application that sends requests for POCO http server, and I send credentials via headers like username = "user1", but that custom header is not part of the request, the title of the header is just added to the header "Access-Control-Allow-Headers": "username,....". How can I handle that situation with POCO HTTP server?

I added to the request and response headers but it does not work request.add("Access-Control-Allow-Origin", "*"); request.add("Access-Control-Allow-Headers", "origin, x-requested-with, content-type, x-custom-header-here");

score 0 · Answer 1 · answered Apr 29 '20 at 11:30

0

Simply add the header Access-Control-Allow-Origin to your server response.

Example:

response.set("Access-Control-Allow-Origin", "*");

answered Apr 29 '20 at 11:30

Jérémy Goussé

116
1
8

score 0 · Answer 2 · answered May 04 '20 at 18:53

I have resolved that issue. Actually just response.set("Access-Control-Allow-Origin", "*"); will not work you need to process HTTP_OPTIONS request and do it there. So just add to your request that code

if (request.getMethod() == Poco::Net::HTTPRequest::HTTP_OPTIONS)
    {
        response.setContentType("application/json");
        response.setKeepAlive(true); 
        response.add("Access-Control-Allow-Headers", "argument1, argument");
        response.add("Access-Control-Allow-Method","POST");
        response.send();
        return;
    }

How to allow CORS and custom headers for POCO handleRequest method?

2 Answers2

Linked