apigee-127/swagger-express

Ajax Query Preflight Failing

Opened this issue · 8 comments

I am not seeing any examples on how to handle an OPTIONS request sent in during the preflight check of an Ajax query. I have resolved CORS issues but now am receiving the following exception:

Error: Path [/ping] defined in Swagger, but OPTIONS operation is not.
    at middleware (/var/node/api/node_modules/swagger-express-mw/node_modules/swagger-node-runner/lib/connect_middleware.js:31:21)
    at Layer.handle [as handle_request] (/var/node/api/node_modules/express/lib/router/layer.js:82:5)
    at trim_prefix (/var/node/api/node_modules/express/lib/router/index.js:302:13)
    at /var/node/api/node_modules/express/lib/router/index.js:270:7
    at Function.proto.process_params (/var/node/api/node_modules/express/lib/router/index.js:321:12)
    at next (/var/node/api/node_modules/express/lib/router/index.js:261:10)
    at /var/node/api/app.js:38:8
    at Layer.handle [as handle_request] (/var/node/api/node_modules/express/lib/router/layer.js:82:5)
    at trim_prefix (/var/node/api/node_modules/express/lib/router/index.js:302:13)
    at /var/node/api/node_modules/express/lib/router/index.js:270:7

It is clear that I need to define an OPTIONS operation... but how... and what is expected? Could you put together a reference OPTIONS operation for an ajax preflight request?

Well, there are a couple of options to dealing with cors:

  1. Just install and use a middleware like cors. It's generic, but it works in most cases. This is actually part of the default pipeline in the new swagger-node-runner. If you do this, you don't need to include anything specific in your swagger, but it also won't show up in your documentation - if that's something you want.
  2. Manually add the options operation to each of your Swagger paths with an appropriate controller that returns the necessary information for options.

Thank you! I will implement cors and give it a go. You mentioned that it
is the new swagger-node-runner module. Is that currently released?
On Dec 3, 2015 9:46 AM, "Scott Ganyo" notifications@github.com wrote:

Well, there are a couple of options to dealing with cors:

Just install and use a middleware like cors
https://www.npmjs.com/package/cors. It's generic, but it works in
most cases. This is actually part of the default pipeline in the new
swagger-node-runner. If you do this, you don't need to include anything
specific in your swagger, but it also won't show up in your documentation -
if that's something you want.
2.

Manually add the options operation to each of your Swagger paths with
an appropriate controller that returns the necessary information for
options.


Reply to this email directly or view it on GitHub
#3 (comment)
.

If you're using swagger-express-mw@0.6.0, you're already using the latest. If not, you'll need to do a little upgrade work... But it's pretty easy, start here: https://github.com/theganyo/swagger-node-runner/releases/tag/v0.6.0.

I am indeed running 0.6.0. Do I need to install cors or just implement it
according to the cors npm documentation?
On Dec 3, 2015 10:30 AM, "Scott Ganyo" notifications@github.com wrote:

If you're using swagger-express-mw@0.6.0, you're already using the
latest. If not, you'll need to do a little upgrade work... But it's pretty
easy, start here:
https://github.com/theganyo/swagger-node-runner/releases/tag/v0.6.0.


Reply to this email directly or view it on GitHub
#3 (comment)
.

Actually, if you're running the latest, you don't even need to do that. You just need to make sure the existing fitting is listed for your pipe. The swagger_controllers pipe should look something like this and have "cors" listed as the first item after the error handler...

    swagger_controllers:
      - onError: json_error_handler
      - cors
      - swagger_params_parser
      - _swagger_security
      - _swagger_validate
      - express_compatibility
      - _router

If you have that, it should automatically route all request through the cors for any of your declared paths.

If you have that and it's not working, we'll need to dig deeper to figure out what's happening for you...

Bummer... I do indeed have that. I detailed my setup and the problem at stack overflow:
http://stackoverflow.com/questions/34016007/swagger-ajax-preflight-options

It seemed odd to me that it wasn't working. Take a look and see if anything comes up.

Scott,

Have you had a chance to look at the comments I posted including the stack
overflow posst?

http://stackoverflow.com/questions/34016007/swagger-ajax-preflight-options

Thanks again!

Rusty

On Thu, Dec 3, 2015 at 10:51 AM, Scott Ganyo notifications@github.com
wrote:

Actually, if you're running the latest, you don't even need to do that.
You just need to make sure the existing fitting is listed for your pipe.
The swagger_controllers pipe should look something like this and have
"cors" listed as the first item after the error handler...

swagger_controllers:
  - onError: json_error_handler
  - cors
  - swagger_params_parser
  - _swagger_security
  - _swagger_validate
  - express_compatibility
  - _router

If you have that, it should automatically route all request through the
cors for any of your declared paths.

If you have that and it's not working, we'll need to dig deeper to figure
out what's happening for you...


Reply to this email directly or view it on GitHub
#3 (comment)
.

Hey Rusty,

Sorry I haven't gotten back to this before now. Do you happen to have a project you can share that recreates the issue? I've attempted to recreate myself, but I can't seem to hit whatever it is that you're hitting.