about cors settings

Hi, Dears
i meet cors problem，when client seent "OPTION" requet, get 405 error, I find the source not not process "OPTION" method ：

Is any way to fixed it？

add this code, fixed:

is right?

I think your solution is a good one.

It's unclear to me how a GraphQL server (library) should respond to an OPTIONS request. I skimmed the draft specification for GraphQL over HTTP and I only see POST and GET mentioned.

I think handling CORS requests in your own middleware wrapped around the gateway is probably the best choice for now. Perhaps if there's precedent from other GraphQL servers or some clarification in the spec, then we could support OPTIONS in gateway natively.

You could adopt a similar HTTP handler for OPTIONS to the one provided in cmd/gateway here:

gateway/cmd/gateway/http.go

Lines 48 to 59 in 3c19e01

    
           // set the necessary CORS headers 
        
           w.Header().Set("Access-Control-Allow-Origin", "*") 
        
           w.Header().Set("Access-Control-Allow-Credentials", "true") 
        
           w.Header().Set("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT") 
        
           w.Header().Set("Access-Control-Allow-Headers", "*") 
        
           // if we are handling a pre-flight request 
        
           if r.Method == http.MethodOptions { 
        
           	return 
        
           } 
        
           playgroundHandler.ServeHTTP(w, r)

The library though may need to wait to adopt this until the GraphQL community establishes the right path forward. I'd be happy to reopen this once that becomes clearer.

	// set the necessary CORS headers
	w.Header().Set("Access-Control-Allow-Origin", "*")
	w.Header().Set("Access-Control-Allow-Credentials", "true")
	w.Header().Set("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT")
	w.Header().Set("Access-Control-Allow-Headers", "*")

	// if we are handling a pre-flight request
	if r.Method == http.MethodOptions {
	return
	}

	playgroundHandler.ServeHTTP(w, r)