Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
/openapi should provider CORS headers
See original GitHub issueSince CORS support is not mandatory in the specification, I’ve seen some implementations that doesn’t use CORS headers on /openapi.
However, tools like Swagger presents the following error message when consuming a MP application with OpenAPI without CORS headers: "Possible cross-origin (CORS) issue? The URL origin (http://localhost:8080) does not match the page (http://localhost). Check the server returns the correct 'Access-Control-Allow-*' headers."
This issue is to request that CORS headers should be mandatory to enable tools like Swagger-UI to consume /openapi endpoint.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:7 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@MikeEdgar I reopened this issue for further discussion. If we all think it is not something we should spec, we can then close it.
@phillip-kruger confirmed that Quarkus has CORS enabled for the
/openapiendpoint but we’ll need to double check on Thorntail and WildFly. We discussed this on the call today and we are not convinced that CORS is something the spec should be mandating. So I think we’re inclined to close this as rejected, unless @MikeEdgar or @arthurdm (or anyone else) have dissenting opinions.