I'm creating a backend web service using micro application from phalcon. I already set the CORS middleware just like the one inside the docs. It works fine with all the request I sent. Except when I add Authorization to the request header, for example like Authorization: fe7397b3c6d541ee1ac3f4e3b3bb223c... in my client application it shows an error like this:
I don't know what's causing this, I'm using Vue & Axios in my client application.
CORSMiddleware.php
<?php
namespace App\Middlewares;
use Phalcon\Events\Event;
use Phalcon\Http\Request;
use Phalcon\Http\Response;
use Phalcon\Mvc\Micro;
use Phalcon\Mvc\Micro\MiddlewareInterface;
/**
* CORSMiddleware
*
* @property Request $request
* @property Response $response
*/
class CORSMiddleware implements MiddlewareInterface
{
/**
* @param Event $event
* @param Micro $application
*
* @returns bool
*/
public function beforeHandleRoute(
Event $event,
Micro $application
) {
if ($application->request->getHeader('ORIGIN')) {
$origin = $application
->request
->getHeader('ORIGIN')
;
} else {
$origin = '*';
}
$application
->response
->setHeader(
'Access-Control-Allow-Origin',
$origin
)
->setHeader(
'Access-Control-Allow-Methods',
'GET,PUT,POST,DELETE,OPTIONS'
)
->setHeader(
'Access-Control-Allow-Headers',
'Origin, X-Requested-With, Content-Range, ' .
'Content-Disposition, Content-Type, Authorization'
)
->setHeader(
'Access-Control-Allow-Credentials',
'true'
)
;
}
/**
* @param Micro $application
*
* @returns bool
*/
public function call(Micro $application)
{
return true;
}
}My Router
// Authentication Routes
$auth = new MicroCollection();
$auth
->setHandler(AuthController::class, true)
->setPrefix('/v1')
->post('/login', 'login')
->get('/profile', 'profile');
$app->mount($auth);
// Handle Preflight Request
$app->options('/{catch:(.*)}', function() use ($app) {
$app->response->setStatusCode(200, "OK")->send();
});Anybody have an idea of what's causing this? or how should I do it properly? thank you :)