Nginx Question posted in
The official documentation can be found here.

Swagger OpenApi 3.0 not allowing a PUT requests only POST and GET work – Nginx

I have a PUT requests that will not go thru on OPENAPI 3.0 I get the CORS issue but funny thing is that if I take the CURL request that SwaggerUI builds and put it into any CLI it works flawlessly. Only thru SwaggerUI that PUT does not work. POST and GET no problem.

Failed to fetch.
Possible Reasons:
CORS
Network Failure
URL scheme must be "http" or "https" for CORS request.

If I get my JSON file definition it reads as below. I can see that PUT is not in the "Access-Control-Allow-Methods" but I don’t know how to add it.

$ curl -I "http://192.168.2.120:8087/medic/ic-swagger.json"
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Jul 2021 14:55:25 GMT
Content-Type: application/json
Content-Length: 25275
Last-Modified: Tue, 27 Jul 2021 14:54:22 GMT
Connection: keep-alive
ETag: "61001e1e-62bb"
Expires: Tue, 27 Jul 2021 14:55:24 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-
Modified-Since,Cache-Control,Content-Type
Accept-Ranges: bytes

The simple PUT request below

/user/login:
  put:
    tags: [GETTING STARTED]
    summary: Log a user in.
    description: Log a user in and get an Id.
    requestBody:
      required: true
      content:
        text/plain:
          schema:
            $ref: '#/components/schemas/loginBody'
    responses:
      '200':
        description: Successful user login. RESULT will hold the new Id
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Login_response_1'

Thru POSTMAN no problem and in the header you find:

Access-Control-Allow-Methods: POST, GET, PUT, UPDATE, OPTIONS, HEAD 
Access-Control-Allow-Origin: *

Any help would be appreaciated.

Tags:

3

Answers


  1. Chosen as BEST ANSWER
    0

    Well, I figured it out from some old code but can't remember why this works or if it is the correct solution, if someone can explain, please. So what I found out is that if I add an OPTIONS REST call then everything works perfectly. It seems that preflight goes there and gets the Access-Control-Allow-Origin and then allows the call to go thru.

        @OPTIONS
@Path("user/login")
@Produces(MediaType.APPLICATION_JSON)
public Response optionsLogin() {
    
    Response.ResponseBuilder res = 
    
     Response.ok()
            .header("Access-Control-Allow-Origin", "*")
            .header("Access-Control-Allow-Credentials", "true")
            .header("Access-Control-Allow-Methods", "POST, GET, PUT, UPDATE, OPTIONS, HEAD")
            .header("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With");
    
    return res.build();
}

  2. 0

    Do you use some kind of ad blocker? If yes, you can try to disable it.

    Login or Signup to reply.
  3. 0

    To resolve the CORS problem when you do a PUT with body content, your remote application must add in the response headers:

    Access-Control-Allow-Methods: PUT

    Access-Control-Allow-Headers: Content-Type

    Access-Control-Allow-Origin: * (or https://my-swagger.example.com)

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search