Make the related links section a feature of FAQ pages

Author: cors-errors

Diff for: _faq/a8d2.md

@@ -1,5 +1,11 @@
 ---
 question: I've tried to implement CORS but it isn't working. What should I do next?
+related:
+  - ea74
+  - cdc8
+  - b1b0
+  - a313
+  - b56b
 ---
 
 First make sure you've understood how CORS works. If you aren't clear on that then you'll waste a lot of time trying
@@ -23,13 +29,3 @@ If you're seeing an `OPTIONS` request that you weren't expecting then see {% inc
 If you're seeing the warning *'Provisional headers are shown'* then see {% include faq-link.html faq="b56b" %}.
 
 If you think all the headers look correct then you can check them using our [CORS header checker](/header-checker).
-
----
-
-Related:
-
-* {% include faq-link.html faq="ea74" %}
-* {% include faq-link.html faq="cdc8" %}
-* {% include faq-link.html faq="b1b0" %}
-* {% include faq-link.html faq="a313" %}
-* {% include faq-link.html faq="b56b" %}.

Diff for: _faq/abe3.md

@@ -1,5 +1,9 @@
 ---
 question: Why am I getting a CORS error when I'm not even using CORS?
+related:
+  - d1a6
+  - b667
+  - f173
 ---
 
 If your website has attempted to make an HTTP request to a different site then the browser will try to use CORS. You
@@ -8,11 +12,3 @@ and the browser will log a CORS error to the console.
 
 Using the same domain with two different port numbers is not sufficient to avoid CORS. The port number is considered
 to be part of the *origin* when the browser decides whether or not to use CORS.
-
----
-
-Related:
-
-* {% include faq-link.html faq="d1a6" %}
-* {% include faq-link.html faq="b667" %}
-* {% include faq-link.html faq="f173" %}

Diff for: _faq/b040.md

@@ -1,5 +1,8 @@
 ---
 question: Why am I seeing a preflight OPTIONS request when I'm not setting any custom headers?
+related:
+  - b56b
+  - b7f6
 ---
 
 The first step to debugging an unexpected preflight request is to check the request headers on the preflight request.
@@ -32,10 +35,3 @@ If you're using a library it may be automatically setting headers for you. Some
 
 If you still can't find where the custom header is coming from then you may need to step through the code. Put a
 breakpoint just before your request and step into the library code to see exactly what is going on.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b56b" %}
-* {% include faq-link.html faq="b7f6" %}

Diff for: _faq/b1b0.md

@@ -1,5 +1,7 @@
 ---
 question: Why can't I access the response headers in my JavaScript code?
+related:
+  - b56b
 ---
 
 By default, only the following response headers are exposed to JavaScript code for a CORS request:
@@ -19,9 +21,3 @@ been implemented in some browsers but at the time of writing it still isn't incl
 To expose other response headers you need to use `Access-Control-Expose-Headers`. See
 {% include external-link.html href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers" %}
 for more information.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b56b" %}

Diff for: _faq/b4d0.md

@@ -1,5 +1,7 @@
 ---
 question: Why can't I see my request in the Network section of the developer tools?
+related:
+  - b56b
 ---
 
 First and foremost check for console errors. The simplest explanation for a missing request is that there's a bug in
@@ -32,9 +34,3 @@ were actually received.
 
 It can be useful to check across multiple browsers. Using a new Incognito/Private window can also help to bypass any
 caching problems that might be interfering with your requests.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b56b" %}

Diff for: _faq/b56b.md

@@ -1,5 +1,8 @@
 ---
 question: Why can't I access the response headers in Chrome's developer tools?
+related:
+  - b4d0
+  - b1b0
 ---
 
 When you try to access the headers via the *Network* tab of Chrome's developer tools you may see the warning:
@@ -33,10 +36,3 @@ If you want to see the actual requests being made you have 3 options:
 3. Use Firefox instead.
 
 Hopefully Chrome will fix the developer tools soon so that this is no longer a problem.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b4d0" %}
-* {% include faq-link.html faq="b1b0" %}

Diff for: _faq/b667.md

@@ -1,5 +1,7 @@
 ---
 question: What does 'origin' mean?
+related:
+  - fe2a
 ---
 
 Consider the following URL:
@@ -23,9 +25,3 @@ The port may be omitted if it is the default port for the scheme, so `80` for `h
 When the browser makes a CORS request it will include the origin for the current page in the **Origin** request header.
 
 In JavaScript you can access the current page's origin using `location.origin`.
-
----
-
-Related:
-
-* {% include faq-link.html faq="fe2a" %}

Diff for: _faq/b6b0.md

@@ -1,5 +1,10 @@
 ---
 question: How can I use cURL to test a preflight request?
+related:
+  - b7f6
+  - d1a6
+  - c7f6
+  - b56b
 ---
 
 In Firefox you should be able to isolate the preflight `OPTIONS` request in the *Network* tab of the developer tools.
@@ -35,12 +40,3 @@ Breaking this down:
    `Access-Control-Request-Headers` if there are no custom headers.
 6. The final line is the URL of the target server. Again this is something you will need to change to match the request
    you are trying to make.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b7f6" %}
-* {% include faq-link.html faq="d1a6" %}
-* {% include faq-link.html faq="c7f6" %}
-* {% include faq-link.html faq="b56b" %}

Diff for: _faq/b7f6.md

@@ -1,5 +1,13 @@
 ---
 question: What is a preflight request?
+related:
+  - f173
+  - b667
+  - b6b0
+  - b040
+  - cd59
+  - ffcc
+  - b56b
 ---
 
 The term is a reference to the preflight checks carried out by pilots.
@@ -76,15 +84,3 @@ No request body will be sent for a preflight request and the response body will
 Note that in current versions of Chrome the preflight request is not shown separately in the developer tools by default.
 See {% include faq-link.html faq="b56b" %} for more information, especially if you're seeing the message
 *'Provisional headers are shown'*.
-
----
-
-Related:
-
-* {% include faq-link.html faq="f173" %}
-* {% include faq-link.html faq="b667" %}
-* {% include faq-link.html faq="b6b0" %}
-* {% include faq-link.html faq="b040" %}
-* {% include faq-link.html faq="cd59" %}
-* {% include faq-link.html faq="ffcc" %}
-* {% include faq-link.html faq="b56b" %}

Diff for: _faq/c320.md

@@ -1,5 +1,8 @@
 ---
 question: Does CORS support HTTP redirects?
+related:
+  - fe2a
+  - e21d
 ---
 
 Yes. CORS requests do support HTTP redirects so long as all the requests include the relevant CORS response headers.
@@ -28,10 +31,3 @@ If not done correctly this can change the request method to `GET`, which can tri
 response from the server. Inadvertently changing to a `GET` request will also cause the request body to be dropped.
 
 Often the simplest solution is to use the final URL instead and skip the redirect altogether.
-
----
-
-Related:
-
-* {% include faq-link.html faq="fe2a" %}
-* {% include faq-link.html faq="e21d" %}

Diff for: _faq/c381.md

@@ -1,5 +1,8 @@
 ---
 question: CORS is annoying. Why can't I turn it off?
+related:
+  - c3f4
+  - b7a4
 ---
 
 Some browsers have command-line options or similar settings to turn off the cross-origin security restrictions. The
@@ -20,10 +23,3 @@ know that, it just sees two different origins (servers) and has to treat them as
 
 Before CORS existed the *same-origin policy* just blocked cross-origin AJAX requests. Now that was *really* annoying. At
 least with CORS the server can choose to allow the request.
-
----
-
-Related:
-
-* {% include faq-link.html faq="c3f4" %}
-* {% include faq-link.html faq="b7a4" %}

Diff for: _faq/c3f4.md

@@ -1,5 +1,8 @@
 ---
 question: Why is CORS so complicated?
+related:
+  - f173
+  - ffcc
 ---
 
 How complicated you find CORS depends on your starting point.
@@ -34,10 +37,3 @@ yourself some time to find out how CORS works. If you try to rush it you'll just
 
 Remember that CORS exists because of very real security concerns. You need to make an informed decision about exactly
 how much of that security you want to turn off.
-
----
-
-Related:
-
-* {% include faq-link.html faq="f173" %}
-* {% include faq-link.html faq="ffcc" %}

Diff for: _faq/c7f6.md

@@ -1,5 +1,9 @@
 ---
 question: Can Postman send a preflight request?
+related:
+  - b7f6
+  - d1a6
+  - b6b0
 ---
 
 A preflight request is just an HTTP request, so it can be sent using Postman.
@@ -78,11 +82,3 @@ drop this code straight into the *Pre-request Script* tab for your target reques
 This code requires the original request to have an `Origin` header set. You can see the results of the preflight in the
 *Postman Console*. The code makes no attempt to perform a CORS check on the response headers, you'll need to verify the
 response yourself.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b7f6" %}
-* {% include faq-link.html faq="d1a6" %}
-* {% include faq-link.html faq="b6b0" %}

Diff for: _faq/cd59.md

@@ -1,5 +1,8 @@
 ---
 question: How can I avoid the preflight OPTIONS request?
+related:
+  - b7f6
+  - b040
 ---
 
 #### Caching
@@ -48,10 +51,3 @@ requests it should parse.
 
 The `Authorization` header can also be problematic as it is commonly used by third-party libraries. Whether this is a
 solvable problem will depend on the library you're using.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b7f6" %}
-* {% include faq-link.html faq="b040" %}

Diff for: _faq/cdc8.md

@@ -1,5 +1,9 @@
 ---
 question: Why aren't my cookies working with CORS?
+related:
+  - fdb1
+  - fcd5
+  - ffcc
 ---
 
 There are several questions in one here:
@@ -121,11 +125,3 @@ only be a problem if the cookie was set by some other means.
 While Safari has tighter restrictions for setting cookies, the rules for including cookies on subsequent requests are
 much the same as for other browsers. So while a same-domain request may be required to set the cookie, it can then be
 included on a cross-domain request from a different page.
-
----
-
-Related:
-
-* {% include faq-link.html faq="fdb1" %}
-* {% include faq-link.html faq="fcd5" %}
-* {% include faq-link.html faq="ffcc" %}

Diff for: _faq/d1a6.md

@@ -1,5 +1,10 @@
 ---
 question: My request works fine in Postman/cURL/etc.. Why do I get a CORS error in the browser?
+related:
+  - e9f4
+  - f173
+  - b6b0
+  - c7f6
 ---
 
 The *same-origin policy* is a security feature built into web browsers. It doesn't apply if you make requests using
@@ -18,12 +23,3 @@ is possible to send it manually instead:
 * {% include faq-link.html faq="c7f6" %}
 
 Within the browser it's usually pretty clear from the error message whether it's the preflight request that's failing.
-
----
-
-Related:
-
-* {% include faq-link.html faq="e9f4" %}
-* {% include faq-link.html faq="f173" %}
-* {% include faq-link.html faq="b6b0" %}
-* {% include faq-link.html faq="c7f6" %}

Diff for: _faq/d926.md

@@ -1,5 +1,8 @@
 ---
 question: How do the Authorization and WWW-Authenticate headers work with CORS?
+related:
+  - b7f6
+  - fcd5
 ---
 
 The `Authorization` request header can be set as a custom header on a request and, just like any other custom header, it
@@ -29,10 +32,3 @@ If a preflight `OPTIONS` request is required then this must succeed without any
 Oddly, the `401` response does not need to include the `Access-Control-Allow-Credentials` header for the browser to
 prompt for credentials. However, it should be included anyway in case the user declines the credentials prompt. In that
 scenario the `401` becomes the exposed response and then `Access-Control-Allow-Credentials` is required.
-
----
-
-Related:
-
-* {% include faq-link.html faq="b7f6" %}
-* {% include faq-link.html faq="fcd5" %}

Diff for: _faq/dfdb.md

@@ -1,5 +1,7 @@
 ---
 question: What is an opaque response?
+related:
+  - e9b8
 ---
 
 If you're using the `fetch` API then you might have come across this message in Chrome:
@@ -47,9 +49,3 @@ something but whether or not it succeeds doesn't have any impact on the UI.
 
 Another use case is caching. The requests can be used to pre-populate caches for things like stylesheets where you don't
 need to access the response details in JavaScript code.
-
----
-
-Related:
-
-* {% include faq-link.html faq="e9b8" %}