Draft: Allow same origin for OpenAPI viewer (!144270) · Merge requests · GitLab.org / GitLab

austen-herbst requested to merge austen-herbst/gitlab:431175-openapi-origin-is-null-in-api-testing-request into master Feb 08, 2024

What does this MR do and why?

This MR address an issue where the Origin header is set to null, which causes CORS issues. Right now it's not possible to use the "Try it out" feature in the GitLab OpenAPI viewer as the API server is receiving null as the origin.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

This screen recording shows the issue before and after the change.

GitLab_Screen_Recording

How to set up and validate locally

See screen recording to see these steps in action.

Open any OpenAPI spec in a repository.
Open the browser Developer tools/Web Inspector, select the network tab and choose "Clear Network Items"
Click on one of the endpoints in the rendered documentation view and choose "Try it out" and then "Execute"
You should see a successful response in the UI and also in the Developer tools/Web Inspector

Related to #431175

Edited Feb 08, 2024 by austen-herbst

Draft: Allow same origin for OpenAPI viewer

What does this MR do and why?

MR acceptance checklist

Screenshots or screen recordings

How to set up and validate locally

Merge request reports