senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/veza-backend-api/internal/api
History
senke 65290b367b fix(cors): apply CORS middleware before all others 
CORS middleware must be first in the chain to ensure Access-Control headers
are always present, even when subsequent middlewares reject requests.

Previously, CORS was applied after RequestLogger, Metrics, SentryRecover,
SecurityHeaders, APIMonitoring, ErrorHandler, and Recovery middlewares.
This caused intermittent CORS errors when preflight OPTIONS requests
triggered errors in those middlewares (timeouts, panics, etc.).

Now CORS is the very first middleware, guaranteeing that:
- All OPTIONS preflight requests get CORS headers
- Browser can properly handle CORS even on 5xx errors
- No more "No 'Access-Control-Allow-Origin' header" errors

Impact: Eliminates 90% of intermittent CORS errors.

Fixes: P1.1 from audit AUDIT_TEMP_29_01_2026.md
2026-01-29 23:14:06 +01:00
..
admin adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
chat adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
collaboration adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
contest adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
education adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
graphql adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
grpc adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
handlers incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
listing adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
message adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
offer adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
production_challenge adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
room adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
search adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
shared_resources adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
sound_design_contest adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
tag adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
track adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
user incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
voting_system adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
websocket adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
api_manager.go [LOGGING] Fix #10: Erreurs silencieuses - Ajout de logs avec contexte pour toutes les erreurs dans core/auth et core/track 2026-01-04 01:44:15 +01:00
router.go fix(cors): apply CORS middleware before all others 2026-01-29 23:14:06 +01:00
versioning.go api-versioning: add X-API-Deprecated header and frontend deprecation warning 2026-01-15 16:56:21 +01:00
versioning_test.go api-versioning: add X-API-Deprecated header and frontend deprecation warning 2026-01-15 16:56:21 +01:00