hej,
how I can remove the response header Access-Control-Allow-Origin
?
looks like the settings {'origins' : 'asfdasd.com'}
does not work.
POST /socket.io/?EIO=3&transport=polling&t=1481690658797-5&sid=Dp18NNt_bWPkB4rGAAAP HTTP/1.1 Origin: https://evilhost.net
HTTP/1.1 400 Bad Request Content-Type: application/json Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://evilhost.net Date: Fri, 03 Feb 2017 12:27:42 GMT Connection: keep-alive Transfer-Encoding: chunked
Issue Analytics
- State:
- Created 7 years ago
- Reactions:10
- Comments:11 (2 by maintainers)
Top Results From Across the Web
Cross-Origin Resource Sharing (CORS) - MDN Web Docs
Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, ...
Read more >Cross-origin resource sharing - Wikipedia
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the...
Read more >What is CORS (cross-origin resource sharing)? - PortSwigger
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and...
Read more >Cross-Origin Resource Sharing (CORS) - web.dev
The browser's same-origin policy blocks reading a resource from a different origin. This mechanism stops a malicious site from reading ...
Read more >CORS Enabled - W3C Wiki
CORS is a specification that enables truly open access across domain boundaries. Why is CORS important? Currently, client-side scripts (e.g., JavaScript) are ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@thEpisode I realize this is an old thread, but that final link was what fixed it for me! Most of the Express tutorials have
app.listen(...)
but in the case of usingsocket.io
you need to be sure that in yourindex.js
you callhttp.listen(...)
and NOT listen on theapp
object, or you’ll get this CORS issue. Such a small thing!Problem resolved!! @Kenzku please review this documentation: https://github.com/socketio/socket.io/blob/master/docs/API.md#serveroriginsvalue and see the code: https://github.com/socketio/socket.io/blob/master/lib/index.js#L67 and check if you use Express (this example is very useful): https://github.com/socketio/socket.io#in-conjunction-with-express