Please note that CORS is working fine for the calls I don’t attribute with RateLimit.
This is my CorsFeature settings:
allowedHeaders: "Content-Type, Allow, Authorization"));
POST /json/reply/BotProcessAnonymousMessage HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36
Accept-Encoding: gzip, deflate, br
HTTP/1.1 429 Too many Requests. Back-off and try again later.
Date: Sat, 21 Mar 2020 11:17:44 GMT
In my console
Access to fetch at 'http://localhost:5000/json/reply/BotProcessAnonymousMessage' from origin 'http://localhost:3000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.
index.js?7626:829 POST http://localhost:5000/json/reply/BotProcessAnonymousMessage net::ERR_FAILED
And the try catch in my vue app gives this as ‘error’
TypeError: Failed to fetch
So basically the ServiceStack call is fine, gives me the 429.
However, the browser, (and the ServiceStack JsonClient), seems to “see” the CORS issue as the root cause.