Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CORS with Gogs: missing token 'user-agent' in CORS header 'Access-Control-Allow-Headers'

See original GitHub issue

In the browser using the npm package with webpack I get:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8000/BrokenWorld/Editor.git/info/refs?service=git-upload-pack. (Reason: missing token 'user-agent' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel).

when executing

//Actual strings substituted
git.clone({
    username: "Name",
    password: "Pass",
    url: "http://localhost:8000/Path/Path.git",
    dir: "/Path/Path"
});

The git server is Gogs and CORS is set up there. The http headers sent and received are below:

Response headers (441 B)
Access-Control-Allow-Headers:   Content-Type, Authorization
Access-Control-Allow-Origin:    http://localhost:8080
Access-Control-Max-Age:         3600
Content-Length:                 0
Date:                           Mon, 05 Nov 2018 16:39:32 GMT
Set-Cookie:                     lang=en-US; Path=/; Max-Age=2147483647
Set-Cookie:                     i_like_gogits=3998a94c1759e12f; Path=/; HttpOnly
Set-Cookie:                     _csrf=TXDUIIY-1eQjYbUr9PHNZgsV…v 2018 16:39:32 GMT; HttpOnly

Request headers (477 B)	
Accept:                         text/html,application/xhtml+xm…plication/xml;q=0.9,*/*;q=0.8
Accept-Encoding:            	gzip, deflate
Accept-Language:	        en-US,en;q=0.5
Access-Control-Request-Headers:	authorization,user-agent
Access-Control-Request-Method:	GET
Connection:	                keep-alive
DNT:	                        1
Host:	                        localhost:8000
Origin:	                        http://localhost:8080
User-Agent:	                Mozilla/5.0 (X11; Linux x86_64…) Gecko/20100101 Firefox/60.0

(Setting Access-Control-Allow-Origin to * in Gogs doesn’t change the error.)

What am I missing?

Issue Analytics

State:
Created 5 years ago
Comments:22 (17 by maintainers)

Top GitHub Comments

1reaction

MoonCoralcommented, Nov 17, 2018

Works like a charm. Thank you and apologies for the late feedback.

1reaction

wmhiltoncommented, Nov 6, 2018

@MoonCoral as a temporary fix, what happens if you do

process.browser = true

before you call isomorphic-git?

Top Results From Across the Web

Specific to Firefox -- missing token 'user-agent' in CORS ...

Not sure why this is specific to Firefox. I can see that the there is a 'user-agent' http header in the request. Any...

Reason: missing token 'xyz' in CORS header 'Access-Control ...

The Access-Control-Allow-Headers header is sent by the server to let the client know which headers it supports for CORS requests.

Laravel 5: CORS Headers with Filters - Laracasts

I have been having a problem getting the CORS issues resolved for my API. ... PUT, DELETE', 'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, ...

CORS Issue Despite Wide Open CORS Config : r/nginx - Reddit

Lets focus on the error part: "Request header field authtoken is not allowed by Access-Control-Allow-Headers in preflight response." Lets check ...

Browser detection using the user agent - HTTP

When considering using the user agent string to detect which browser is being used, your first step is to ... An example of...