Description:
The generated Netty server from smithy-java-server-codegen doesn't properly handle CORS requests despite having @cors traits in the Smithy model. While OPTIONS preflight requests work, actual requests (POST/GET) don't include CORS headers in responses.
Current Behavior:
- OPTIONS preflight requests return correct CORS headers
- Actual requests (POST/GET) return:
- Correct status codes (200/201)
- Correct response bodies
- But missing
Access-Control-Allow-Origin and other CORS headers
- Browser shows error: "CORS header 'Access-Control-Allow-Origin' missing"
Expected Behavior:
All responses should include CORS headers when:
- The request contains an
Origin header
- The origin matches the
@cors trait configuration
- For both preflight (OPTIONS) and actual requests
Reproduction Steps:
- Model with
@cors trait:
@cors(origin: "http://localhost:5173")
service MyService {
operations: [MyOperation]
}
- Generate Java server code
- Start server and make CORS request from browser
- Observe missing headers in actual requests
Description:
The generated Netty server from
smithy-java-server-codegendoesn't properly handle CORS requests despite having@corstraits in the Smithy model. While OPTIONS preflight requests work, actual requests (POST/GET) don't include CORS headers in responses.Current Behavior:
Access-Control-Allow-Originand other CORS headersExpected Behavior:
All responses should include CORS headers when:
Originheader@corstrait configurationReproduction Steps:
@corstrait: