fix(event_handler): do not skip middleware and exception handlers on 404 error

[heitorlessa]

Issue number: #3916

Summary

This PR addresses the bug where non-matched routes (404) did not kick off the request chain and instead immediately process a 404 response.

The reasons this PR do not reach for a 404 middleware solution are:

1. Middlewares are tightly coupled with a Route, so request processing is kicked off from a route (__call__())
2. Moving as a middleware would require a dummy/no-op route to be called only to be overwritten, causing unnecessary CPU cycle and memory usage (tbh, it's somewhat a minor and we can revert later).

NOTE. Nothing stops us for making it a middleware w/ a dummy route to kick the request chain when we have more time. This was an issue ever since middleware was introduced in #2917, so I'd favoured keeping the core the same and focusing on covering any edge cases (e.g., what if a middleware short-circuit).

Changes

Please provide a summary of what's being changed

• Removed duplicated CORS Origin Header logic
• Removed unnecessary CORS injection within 404 logic
• Creates 404 route handler and call it to kick off request chain
• Test FastAPI and Flask to be triple sure it's a standard
• Test pre-flight for not found route with middleware
• Enrich docstring for resolve() to share request flow

unrelated

• Moved special sorted set to list str for CORS Allow Methods to CORSConfig

User experience

Please share what the user experience looks like before and after this change

Checklist

If your change doesn't seem to apply, please leave them unchecked.

• Meet tenets criteria
• I have performed a self-review of this change
• Changes have been tested
• Changes are documented
• PR title follows conventional commit semantics

Is this a breaking change?

RFC issue number:

Checklist:

• Migration process documented
• Implement warnings (if it can live side by side)

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.43%. Comparing base (e14e768) to head (395f1ad).
Report is 563 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #4492      +/-   ##
===========================================
+ Coverage    96.38%   96.43%   +0.05%     
===========================================
  Files          214      219       +5     
  Lines        10030    10627     +597     
  Branches      1846     1976     +130     
===========================================
+ Hits          9667    10248     +581     
- Misses         259      267       +8     
- Partials       104      112       +8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[heitorlessa]

@leandrodamascena can I get your help in doing your crazy QA skills just in case I missed any edge case?

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
2.3% Duplication on New Code

See analysis details on SonarCloud

[leandrodamascena]

@leandrodamascena can I get your help in doing your crazy QA skills just in case I missed any edge case?

Hey @heitorlessa, I've spent some time testing various scenarios with different kinds of Resolvers, including Bedrock, and everything seems to be working fine for me. CORS is working correctly also, and it's also running Middleware with the OPTIONS method/route.

e2e tests are also green. A note for the future is to create e2e tests with Middleware to ensure that we are testing those scenarios.

[leandrodamascena]

Thanks for this hard and amazing work @heitorlessa!

APPROVED!