Deprecate built-in CORS middleware [2.x]#357
Conversation
Push the responsibility of enabling/configuring CORS back to the application developer.
| // setup | ||
| beforeEach(function() { | ||
| objects = RemoteObjects.create(); | ||
| objects = RemoteObjects.create({cors: false}); |
There was a problem hiding this comment.
Is it necessary to set CORS in all the tests? Should these tests not use the default settings?
There was a problem hiding this comment.
The default setting is to enable the built-in CORS middleware with { origin: true, credentials: true }, which triggers deprecation warnings. That was my intention, to poke 2.x users to rework the CORS settings in their application soon.
This applies to our tests too. If I didn't add {cors: false} to all the tests, then npm test prints a lot of deprecation warnings.
Considering the amount of changes in strongloop/loopback-component-explorer#178 too, perhaps it was not a good idea to add this deprecation message?
There was a problem hiding this comment.
Ah! I didn't think about those messages crowding the test results!
I think you should leave them in.
|
The deprecation messages look fine |
|
approved! |
Push the responsibility of enabling/configuring CORS back to the application developer.
Back-port #352
@richardpringle or @deepakrkris please review