Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
This issue pertains to:
- GraphQL Playground - Electron App
- GraphQL Playground
- GraphQL Playground Middleware
What OS and OS version are you experiencing the issue(s) on?
macOS Sierra 10.12.6
What version of graphql-playground(-electron/-middleware) are you experience the issue(s) on?
GraphQL Playground 1.3.0
What is the expected behavior?
Origin header should not be sent, or should be electron://graphiql-app (to match GraphiQL), so CORS can effectively be enabled by GraphQL servers.
What is the actual behavior?
Using devtools in GraphQL Playground, it sends a request header Origin:null.
What steps may we take to reproduce the behavior?
Open GraphQL Playground App, Toggle Developer Tools and open the network tab, and look for the request headers.
Issue Analytics
- State:
- Created 6 years ago
- Reactions:8
- Comments:8
Top Results From Across the Web
Cross-Origin Resource Sharing (CORS) - MDN Web Docs
Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, ...
Read more >Cross-origin resource sharing - Wikipedia
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the...
Read more >What is CORS (cross-origin resource sharing)? - PortSwigger
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and...
Read more >Cross-Origin Resource Sharing (CORS) - web.dev
The browser's same-origin policy blocks reading a resource from a different origin. This mechanism stops a malicious site from reading ...
Read more >CORS Enabled - W3C Wiki
CORS is a specification that enables truly open access across domain boundaries. Why is CORS important? Currently, client-side scripts (e.g., JavaScript) are ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I noticed this can’t be overridden by the headers tab in Playground. Might it be desirable to allow that, at least for requests to
localhost/127.0.0.1?I’m willing to work on this and would love some more feedback.
Problem still exists. Pls add possibility to set it in HTTP Headers panel.