You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, browser do not, and cannot, include that header in pre-flights. In fact, this specific pre-flight (from Chrome) was asking if it was OK to send along Content-type as a header (and the response was "please send along content-type if you'd like me to answer that!").
Also, the content-type of the request specifies the request body, which is not applicable to an OPTIONS request.
I imagine the solution here is to exclude pre-flight requests from this check.
The text was updated successfully, but these errors were encountered:
epheph
changed the title
CORS Pre-Flight requests require Content-Type: application/json
CORS preflight requests require Content-Type: application/json
Dec 22, 2017
A recent PR, #15220 enforces the presence of the request header:
Content-Type: application/json
However, this check ALSO applies to CORS preflight requests (OPTIONS). As an example, this curl fails:
But adding
-H "Content-type: application/json"
allows the pre-flight to proceedHowever, browser do not, and cannot, include that header in pre-flights. In fact, this specific pre-flight (from Chrome) was asking if it was OK to send along Content-type as a header (and the response was "please send along content-type if you'd like me to answer that!").
Also, the content-type of the request specifies the request body, which is not applicable to an OPTIONS request.
I imagine the solution here is to exclude pre-flight requests from this check.
System information
Geth version:
geth version
OS & Version: Linux
Commit hash :
5f8888e11606296c9582496974c0f6b96a882146
Expected behaviour
A pre-flight OPTIONS request should succeed without the presence of "Content-Type" header
Actual behaviour
A pre-flight OPTIONS request responds with 415 without the presence of "Content-Type" header
Steps to reproduce the behaviour
Run the curl commands in the above narrative
Backtrace
n/a
/cc @bas-vk
The text was updated successfully, but these errors were encountered: