There's a leaky abstraction in mw/__init__.py.
If the backend triggers an explicit MontageError early enough in the cycle, it bypasses the MessageMiddleware serialization entirely. Because it skips standard JSON packing, the actual CORSMiddleware never injects headers.
So instead of the Vue frontend getting a clean 400 Bad Request with an error message, it gets slammed by the browser with a CORS block.
There's a leaky abstraction in
mw/__init__.py.If the backend triggers an explicit
MontageErrorearly enough in the cycle, it bypasses theMessageMiddlewareserialization entirely. Because it skips standard JSON packing, the actualCORSMiddlewarenever injects headers.So instead of the Vue frontend getting a clean
400 Bad Requestwith an error message, it gets slammed by the browser with a CORS block.