Redmine: Issueshttps://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292015-08-05T08:55:43ZRedmine
Redmine Redmine - Defect #20479 (New): Undocumented pagination support for APIhttps://www.redmine.org/issues/204792015-08-05T08:55:43ZTommaso Visconti
<p>It's not documented the possibility to use the <code>page</code> param instead of the <code>offset</code> param.</p>
<p>The <code>ApplicationController.api_offset_and_limit</code> method automatically calculate the offset if the <code>page</code> param is present</p> Redmine - Defect #20472 (New): Filtered API calls delete CORShttps://www.redmine.org/issues/204722015-08-04T15:51:12ZTommaso Visconti
<p>This is a strange behaviour of the API. I'm using rack-cors to enable API consuming by other apps (Ember.js).</p>
<p>When using various endpoints (/issues.json, time_entries.json, projects.json) everything is ok.</p>
<p>With this specific call, CORS headers aren't added to the response and the browser blocks the request with the "famous" error: <code>No 'Access-Control-Allow-Origin' header is present on the requested resource</code><br />The call is:</p>
<pre>
/time_entries.json?user_id=<ID>
or
/time_entries.json?user_id=me
</pre>
<p>The only added header is:</p>
<pre>
X-Rack-CORS: preflight-hit; no-origin
</pre>
<p>If I change the param with something not recognized by redmine (e.g. ?wrong_param=me), everything works well (the response isn't filtered). So the problem seems to be related to the filtering of the time entries by user.<br />Maybe with this particular filtering redmine creates a different response which avoid the rack-cors action?</p>
<p>The correct headers, added by rack-cors, should be:</p>
<pre>
Access-Control-Allow-Origin: http://localhost:4200
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
X-Rack-CORS: hit
</pre>