Upgrade go-chi/chi to commit that handles Vary header properly #803
Commits on Apr 11, 2022
-
Upgrade go-chi/chi to commit that handles Vary header properly
For CORS, the server needs to include `Origin` in the `Vary` response https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#access-control-allow-origin Flipt is using go-chi/cors to handle CORS which does include that header https://github.com/go-chi/cors/blob/9b0b248d5e6ba10c954f076a98c5f7760f243882/cors.go#L242-L247 However, if the request includes `Accept-Encoding`, this triggers this line https://github.com/go-chi/chi/blob/86f9a6e7ce9bf453eaa339b51f88f586edbccbc1/middleware/compress.go#L321 which overrides any previously set Vary headers N.B. `Accept-Encoding` is a forbidden header https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name meaning it can only be set by the user agent and cannot be modified in JS as a workaround This bug was fixed in go-chi/chi#640, so this commit updates go-chi/chi to that commit hash with `go get github.com/go-chi/chi/v5@b750c805b4ee0952b`
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.