Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug]: api requests from a browser fail due to api key header not being allowed #4928

Closed
1 task done
Quadrubo opened this issue Jun 24, 2024 · 2 comments · Fixed by #4929
Closed
1 task done

[bug]: api requests from a browser fail due to api key header not being allowed #4928

Quadrubo opened this issue Jun 24, 2024 · 2 comments · Fixed by #4929
Assignees
@srinivaspendem @pushya22
Labels
🐛bug Something isn't working

Comments

@Quadrubo
Copy link
Contributor

Is there an existing issue for this?

  • I have searched the existing issues

Current behavior

API requests that are being sent by a browser, for example by API testing tools like Yaade/Hoppscotch/Insomnia, fail because the header "X-API-Key" is not allowed by the plane server even though it is needed for authentication.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://plane.domain.com/api/v1/workspaces/general/projects/{project-id}/issues/. (Reason: header ‘x-api-key’ is not allowed according to header ‘Access-Control-Allow-Headers’ from CORS preflight response)

Steps to reproduce

  1. Go to a browser based API testing tool like https://hoppscotch.io/.
  2. Create a collection with a request to any plane api endpoint.
  3. Create the header "X-API-Token" with a token you created from your workspace.
  4. Send the request.

Environment

Production

Browser

Mozilla Firefox

Variant

Self-hosted

Version

stable (v0.21-dev)
@Quadrubo Quadrubo added the 🐛bug Something isn't working label Jun 24, 2024
@Quadrubo Quadrubo mentioned this issue Jun 24, 2024
Merged
@pablohashescobar
Copy link
Collaborator

@Quadrubo, thanks for pointing out this issue. We will merge the associated PR soon.

@Quadrubo
Copy link
Contributor Author

@Quadrubo, thanks for pointing out this issue. We will merge the associated PR soon.

Thank you.
Would be nice to see this in the next release :)

@pablohashescobar pablohashescobar mentioned this issue Jun 29, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@srinivaspendem srinivaspendem

@pushya22 pushya22

Labels
🐛bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: api requests cors Quadrubo/plane
4 participants
@srinivaspendem @Quadrubo @pablohashescobar @pushya22