The initial OPTIONS request returns 401 unauthorized with the above error.
Chrome network tab shows this in Request Headers
Provisional headers are shown
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: http://localhost:6060
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Sentry currently doesn’t support CORS requests on its APIs. I’d recommend one of the following:
sending those requests from your backend, or making a simple serverside app that makes those requests on behalf of your JS frontend.
putting something in your nginx config that intercepts those options requests before they hit sentry and returns a correct Access-Control-Allow-Origin header.
Getting the same errors, spent the whole day reading the docs and trying to figure out why. Would have been ideal if these kind of info are stated in the API docs.
I’m having the same issue. I’m trying to use the user-feedback endpoint (https://docs.sentry.io/api/projects/post-project-user-reports/) to send user-feedback through a custom dialog (as the default one doesn’t match my app styles) but when performing the POST request I get the issue with 401s against the OPTIONS request.
The same request of course works fine through curl but implementing a backend service just to wrap this simple functionality seems like overkill.
Any plans to implement CORS stuff on your API @untitaker ?
I ran into this issue too and couldn’t find anything in the docs that stated that Sentry does not support CORS requests. Has there been an update on this?
It would also be great if you could handle the preflight response better, because receiving the correct Access-Control-Allow-Origin and Access-Control-Allow-Methods responses gives the impression that Sentry does support CORS. But then, the 401 status code leads to confusion. That combined with not mentioning in the docs that there is no CORS support is very misleading.
Thank you!
Having the same issue.
Axios does not support OPTIONS requests with credentials, because thats not part of the RFC
http s://github.com/axios/axios/issues/1358
from http s://stackoverflow.com/questions/15734031/why-does-the-preflight-options-request-of-an-authenticated-cors-request-work-in
The W3 spec for CORS preflight requests clearly states that user credentials should be excluded.
How can I get the OPTIONS request to send and respond consistently?
Simply have the server (API in this example) respond to OPTIONS requests without requiring authentication.
Need to find a different way until this gets fixed in Sentry…
So I am confused. How do I implement sending user feedback to sentry from a React application? Like @adam I want to use my dialogs and just use the API endpoints to submit the data, this has to be possible no?