Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade from 3.3.6 to 3.3.7 leads to 405 for OPTIONS request on / #6455

Closed
BacLuc opened this issue Jul 7, 2024 · 5 comments
Closed

Upgrade from 3.3.6 to 3.3.7 leads to 405 for OPTIONS request on / #6455

BacLuc opened this issue Jul 7, 2024 · 5 comments

Comments

@BacLuc
Copy link

BacLuc commented Jul 7, 2024

API Platform version(s) affected: 3.3.7

Description
After the upgrade of api-platform from 3.3.6 to 3.3.7, our test
https://github.com/ecamp/ecamp3/blob/3cd279fd1c1367287ea989f38f7238f93026e4b4/api/tests/Api/RootTest.php
fails.

It returns the following:

Failed asserting that the Response status code is 200.
HTTP/1.1 405 Method Not Allowed
Allow:                  GET, HEAD

The PR is here:

The header with Allow: makes sense, but i would expect that api-platform returns a 2x status code for the OPTIONS request.
(And that this behaviour does not change in a bugfix update).
Or do we need to allow OPTIONS Requests explicitly for all routes?

How to reproduce
See the test

Possible Solution
I did not see which change between 3.3.6 and 3.3.7 might have caused this.
Either update the Changelog or change the behaviour back.

Additional Context
@soyuka
Copy link
Member

soyuka commented Jul 8, 2024

is it this change? #6437 should we add OPTIONS as well?

@BacLuc
Copy link
Author

BacLuc commented Jul 8, 2024

Ah, does this change only allow GET and HEAD for /, /docs etc?
Then this may be it.
ui, preflight requests won't like that...

@dunglas
Copy link
Member

dunglas commented Jul 8, 2024

If I'm not mistaken, OPTIONS requests should be handled by NelmioCorsBundle or the server web directly.

Maybe do we need to update the default Nelmio config?

@BacLuc
Copy link
Author

BacLuc commented Jul 15, 2024

It seems you have now to send the correct headers that it is a preflight request.
So it is not urgend, preflight requests still work.

When i find time i will try to find out why this is now required.
But for now the next who runs into this issue hopefully finds this, and sees this solution:

public function testOptionsWhenNotLoggedIn() {
        static::createBasicClient()->request(
            'OPTIONS',
            '/',
            [
                'headers' => [
                    'Origin' => 'http://localhost:3000',
                    'Access-Control-Request-Method' => 'GET',
                    'Access-Control-Request-Headers' => 'Origin, Content-Type, Accept, Authorization'
                ]
            ]
        );
        $this->assertResponseStatusCodeSame(200);
    }

BacLuc added a commit to ecamp/ecamp3 that referenced this issue Jul 15, 2024
@BacLuc
api: use a correct preflight request in RootTest
8bce893 
This seems now to be necessary after the upgrade of api-platform.
see api-platform/core#6455
BacLuc added a commit to ecamp/ecamp3 that referenced this issue Jul 15, 2024
@BacLuc
api: use a correct preflight request in RootTest
b02f4f9 
This seems now to be necessary after the upgrade of api-platform.
see api-platform/core#6455
BacLuc added a commit to ecamp/ecamp3 that referenced this issue Jul 15, 2024
@BacLuc
api: use a correct preflight request in RootTest
19e4140 
This seems now to be necessary after the upgrade of api-platform.
see api-platform/core#6455
BacLuc added a commit to ecamp/ecamp3 that referenced this issue Jul 16, 2024
@BacLuc
api: use a correct preflight request in RootTest
e23cada 
This seems now to be necessary after the upgrade of api-platform.
see api-platform/core#6455
BacLuc added a commit to ecamp/ecamp3 that referenced this issue Jul 21, 2024
@BacLuc
api: use a correct preflight request in RootTest
36dfdb6 
This seems now to be necessary after the upgrade of api-platform.
see api-platform/core#6455
BacLuc added a commit to BacLuc/api-platform-demo that referenced this issue Aug 1, 2024
@BacLuc
test: test that an options request on root endpoint is successfull
ac59761 
Related to api-platform/core#6455
It is more or less the same test as in
https://github.com/ecamp/ecamp3/blob/3cd279fd1c1367287ea989f38f7238f93026e4b4/api/tests/Api/RootTest.php
@BacLuc BacLuc mentioned this issue Aug 1, 2024
Closed
@BacLuc
Copy link
Author

BacLuc commented Aug 1, 2024

I added a test to the api-platform/demo repo.
I think this is enough for now.
Thanks for the help.

@BacLuc BacLuc closed this as completed Aug 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dunglas @soyuka @BacLuc