This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-05-10
Channels
- # announcements (4)
- # babashka (29)
- # beginners (15)
- # calva (4)
- # cljs-dev (1)
- # clojure (28)
- # clojure-dev (13)
- # clojure-europe (3)
- # clojure-india (1)
- # clojure-spec (7)
- # clojure-uk (5)
- # clojurescript (37)
- # component (2)
- # conjure (60)
- # cursive (2)
- # datomic (1)
- # emacs (1)
- # figwheel-main (18)
- # fulcro (38)
- # graalvm (6)
- # graphql (13)
- # helix (14)
- # jobs-discuss (1)
- # joker (5)
- # lein-figwheel (2)
- # nrepl (3)
- # off-topic (15)
- # other-languages (1)
- # other-lisps (1)
- # pedestal (2)
- # reagent (8)
- # reitit (44)
- # shadow-cljs (83)
- # slack-help (8)
- # spacemacs (1)
I have a reitit server and a reagent template and I'm trying to allow CORS. I've tried using wrap-cors from ring middleware but am having trouble getting it to work. Has anyone else experience this?
(def app2
(ring/ring-handler
(ring/router
[["/" {:get {:handler index-handler}}]
["/items"
["" {:get {:handler index-handler}}]
["/:item-id" {:get {:handler index-handler
:parameters {:path {:item-id int?}}}}]]
["/about" {:get {:handler index-handler}}]]
{:data {:coercion reitit.coercion.spec/coercion
:muuntaja m/instance
:middleware [params/wrap-params
muuntaja/format-middleware
coercion/coerce-exceptions-middleware
coercion/coerce-request-middleware
coercion/coerce-response-middleware]}})
(ring/create-default-handler)))
(def cors {"Access-Control-Allow-Origin" "*"
"Access-Control-Allow-Headers" "Origin, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Content-Type, *"})
where do you place the def cors?
(defn router
[app-config]
(ring/router
[["/api"
["/ping" {:get {:handler pong}}]
["/foobar"
["" {:options {:handler cors-handler}
...
...
...
ah so create a custom fn
cool, I'll give it a shot! thanks!
so when the client does an options first, before the post, it'll hit the cors handler, get back a nice responsee, then invoke the post.
do you have to add this on every route? or can you add to the parent api/?
Doesn't cors mandate that before any dangerous operation, i.e., anything that can modify anything, like POST/PUT/DELETE, then the "options" is hit for that API endpoint
(defn router
[app-config]
(ring/router
[["/api"
["/ping" {:get {:handler pong}}]
["/foobar"
["" {:options {:handler cors-handler}
:post {:handler (create-entry app-config)
:parameters {:body {:user-id s/Int
:age s/Int}}}}]]
bad luck for me, still being blocked