ddecrulle opened a new issue, #3938: URL: https://github.com/apache/polaris/issues/3938
### Is your feature request related to a problem? Please describe. The Helm chart comment for `allowedMethods` states: ```yaml # If this is not set or empty, all requested methods are considered allowed. allowedMethods: [] ``` In practice, leaving this empty breaks clients like **DuckDB** that issue `HEAD` requests to the Iceberg REST Catalog — those requests are rejected with a CORS error. ## Root cause Quarkus does not include `HEAD` in its CORS allowed methods when the property is left empty, despite its own documentation suggesting otherwise. This may be an intentional choice in Quarkus, but it means Polaris's default Helm configuration silently breaks clients that rely on `HEAD`. ## Impact Clients like **DuckDB** (including the WASM build) issue `HEAD` requests when probing Iceberg REST Catalog endpoints. Without `HEAD` explicitly listed, these requests fail with a CORS error, preventing DuckDB-based UIs from connecting to Polaris. ### Describe the solution you'd like The Helm chart should ship with `HEAD` explicitly included in the defaults: ```yaml allowedMethods: [GET, HEAD, PUT, POST, DELETE, OPTIONS] ``` ### Describe alternatives you've considered _No response_ ### Additional context _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
