Cors header not sent when saving wifi details, even when cors is enabled #80
Comments
|
Thanks for spotting the bug and the proposed fix. To help other users (including me), could you please post more information about your use-case (without proprietary info) why CORS is necessary in local Config Portal ( Please also post the MRE so that I can duplicate the bug. Regards, |
### Releases v1.10.2 1. Send CORS header in handleWifiSave() function. Check [Cors header not sent when saving wifi details, even when cors is enabled #80](#80) 2. Optimize code by using passing by `reference` instead of by `value` 3. Delete all confusing, function-lacking `minimal` examples 4. Display informational warnings only when `_WIFIMGR_LOGLEVEL_ > 3`
### Releases v1.10.2 1. Send CORS header in handleWifiSave() function. Check [Cors header not sent when saving wifi details, even when cors is enabled #80](#80) 2. Optimize code by using passing by `reference` instead of by `value` 3. Delete all confusing, function-lacking `minimal` examples 4. Display informational warnings only when `_WIFIMGR_LOGLEVEL_ > 3`
|
The new ESP_WiFiManager releases v1.10.2 has just been published. Your contribution is noted in Contributions and Thanks Please test and verify the bug has flown away. Best Regards, Releases v1.10.2
|
|
To explain my use case: I have a web app that monitors and sends data to a set of devices, those devices connect via WiFi to send/receive data from the web server. The device setup process is started through the web app on a customers computer/browser, which generates a key for that device. The customer then puts the device in setup mode (WiFiManager is started) and connects their computer to that device's network. Through the browser they started the setup process with the web app queries the board using javascript (through a GET request to 192.168.4.1) to get a list of wifi networks the board has scanned. They select SSID, and enter their WiFi password. Here the browser makes the POST request to 192.168.4.1/wifisave (again using javascript) sending not only the SSID and password, but also the key for the device (received as a custom field), plus any other setup details that need to be transfered. The CORS headers are required on the 'wifisave' endpoint so the browser has the permission to make the POST request to save these details, without which the details can't be saved. This makes the process of setting up a device much more streamlined, as they don't need to open a new browser window and copy/paste the setup data manually. |
|
Thanks for the helpful info. I checked and verified the bug is actually my omission to include it as I did include in the twin library ESPAsync_WiFiManager ESPAsync_WiFiManager-Impl.h#L1760-L1763 That's why I published the new release to address. |
Context: When cors is enabled most pages send the specified cors header, however this header isn't sent when saving the wifi details.
To reproduce this:
Expected behavior
When saving the wifi details you should see the cors header returned:
Access-Control-Allow-Origin | *
Actual behavior
No cors header is returned on the wifisave endpoint
Steps to fix
If the following lines are added to the top of the ESP_WiFiManager::handleWifiSave() function then this solves the problem, as it returns the cors header when saving the wifi details
#if USING_CORS_FEATURE
// New from v1.1.1, for configure CORS Header, default to WM_HTTP_CORS_ALLOW_ALL = "*"
server->sendHeader(FPSTR(WM_HTTP_CORS), _CORS_Header);
#endif
Information
The text was updated successfully, but these errors were encountered: