Avoiding preflight requests

[Dejan Gambin]

Hi,

As my app is using Fusio API in docker environment, there are OPTIONS/preflight requests being sent and this affects performance. I know I can avoid sending those reuqests by doing "simple" requests, but this means I must not use Authorization header so I'd have to make all my endpoints public, which I wouldn't like.

Is there any other way of avoiding preflight requests? Maybe sending Authorization header in POST body or something?

Thx

regards, dejan

[Christoph Kappestein]

Hi,

mhh so the preflight request comes from the browser, basically there is nothing you can do about it. You could move your app to the same domain so that you dont need to handle with CORS since you dont violate the same-origin-policy.

best regards

Christoph

[Dejan Gambin]

Hi,

Since I am working in containers (5 containers, 1 is fusio), any idea on how could I achieve this? Because both domain and port should be the same to avoid sending preflight requests.

regards, dejan

--
You received this message because you are subscribed to a topic in the Google Groups "Fusio" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/fusio/Dd141mR7R6A/unsubscribe.
To unsubscribe from this group and all its topics, send an email to fusio+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/fusio/017de7e2-3093-4101-b833-9b27660c4760n%40googlegroups.com.

[Christoph Kappestein]

ok, in this case there is probably no easy solution, I could imagine that you can setup a HTTP proxy which serves Fusio and other apps on the same domain under different paths but Iam not sure whether this would be possible for your case.

best regards

Christoph