Skip to content

feat: add options and helper function to enable cors#19

Open
jneums wants to merge 2 commits intokrpeacock:mainfrom
jneums:7-16-cors
Open

feat: add options and helper function to enable cors#19
jneums wants to merge 2 commits intokrpeacock:mainfrom
jneums:7-16-cors

Conversation

@jneums
Copy link
Copy Markdown

@jneums jneums commented Jul 16, 2025

This pull request introduces Cross-Origin Resource Sharing (CORS) support. It also includes documentation and testing for the new functionality.

According to this thread on the developer forum, options headers should now be forwarded correctly to the canister, enabling the ability to support CORS.

Currently, browsers block frontend applications served from a different origin (e.g., localhost:5173) from making fetch requests to a canister API (*.localhost:4943). This PR resolves the issue by implementing the standard CORS preflight (OPTIONS) and response header mechanism.

Changes Made

  1. Server.mo Library Updates:

    • Added a new optionsRequests map and a public server.options() method to allow for the registration of OPTIONS route handlers.
    • Introduced a convenient server.enableCors(origin, methods, headers) helper function. This function configures the server to automatically handle preflight OPTIONS requests and add the necessary Access-Control-Allow-Origin header to all API responses.
    • Fixed a bug to prevent duplicate Access-Control-Allow-Origin headers from being sent in preflight responses.

  2. Documentation (README.md):

    • Added a new "Enabling CORS" section to the README to explain the feature and its importance.
    • Documented the new server.enableCors() helper function with a clear usage example.
    • Updated the API reference to include the new server.options() method.

  3. Testing (test/test.spec.js):

    • Added a new "CORS" test suite to validate the functionality.
    • Tests include verifying the OPTIONS preflight response, ensuring the Access-Control-Allow-Origin header is present on subsequent requests, and confirming that the duplicate header bug is fixed.

  4. Test Canister (test/main.mo):

    • Enabled the new CORS functionality within the test canister using server.enableCors().
    • Added a /post-test endpoint to facilitate testing of preflight requests for POST methods.

How to Test

  1. Pull down the changes.
  2. Run the test suite via npm test.
  3. All existing and new tests, including the CORS-specific tests, should pass.

Checklist

  • I have added tests that prove my feature works.
  • I have updated the documentation to include the new .options() and .enableCors() methods.
  • The code follows the project's existing style guidelines.

@jneums jneums changed the title 7 16 cors feat: add options and helper function to enable cors Jul 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jneums