Issue with non http and https Origins

[babarinde]

Bug Report

Q	A
Version(s)	x.y.z

Summary

When a request is made from an origin that its scheme is not http(s), the pre flight request fails and we understand that this may be caused by the URI factory

Current behavior

When our Origin is capacitor://xyz.com, pre flight request fails

How to reproduce

Make a preflight request with a non http(s) scheme

Expected behavior

Preflight and CORS request should proceed as this is a valid URI

[boesing]

Hey @babarinde,
thanks for the feedback here.

Can you probably create a failing unit test for this?
I am not 100% sure if I can follow every path in my head of what your problem is and this would help us to narrow down the issue.

Thanks in advance!

---

Although: how does your CORS config look like?

[babarinde]

Thanks for your feedback its a custom origin scheme actually like this but in this case the scheme is capacitor instead of android

Config:
`<?php

use Mezzio\Cors\Configuration\ConfigurationInterface;

return [
ConfigurationInterface::CONFIGURATION_IDENTIFIER => [
"allowed_origins" => ["*"],
"allowed_headers" => ["Content-Type", "Accept", "Authorization", "X-API-KEY", "X-APP-ID"],
'credentials_allowed' => true,
'allowed_max_age' => '600',
]
];
`
we see that Uri from laminas is called and allowed schemes are linked to

[boesing]

I don't think that this is the right component you should raise the concern.
The main problem seems to be how your project is bundled.

If you are using diactoros and that component does not provide the required features you are expecting, you can either change the psr/http-factory implementation or create an issue in the diactoros component.

The CORS component does not require a specific PSR-17 implementation and therefore already provides the possibility to change the implementations. We do need a PSR-17 UriFactory as parsing URLs is not the job of this component.

---

Please either create an issue in laminas-diactoros or change the underlying PSR-17 implementation of your project.