CORS problem (No 'Access-Control-Allow-Origin') on client
See original GitHub issueHi all,
Typically if you do have server with sockets on another domain and you do simple first line io('YOUR_HOST')
, you will receive this message:
XMLHttpRequest cannot load YOUR_HOSTsocket.io/?EIO=3&transport=polling&t=1446467052356-0. No 'Access-Control-Allow-Origin'...
First appeared in head, that I need to look at documentation and find out how to set it from there, but eventually I did not find anything because of pure documentation.
Then I entered source code and the only 2 usages of setRequestHeader
method, which is actually allow you to do that, is only for setting content-type if POST method is chosen.
Could you help me to fix this issue?
Issue Analytics
- State:
- Created 8 years ago
- Comments:25 (2 by maintainers)
Top Results From Across the Web
3 Ways to Fix the CORS Error — and How the Access-Control ...
Fix one: install the Allow-Control-Allow-Origin plugin. The quickest fix you can make is to install the moesif CORS extension .
Read more >What Is a CORS Error and How to Fix It (3 Ways) - Bannerbear
A CORS error is common when making an HTTP request to another origin. ... No 'Access-Control-Allow-Origin' header present; No 'Access-Control-Allow-Headers' ...
Read more >Why does my JavaScript code receive a "No 'Access-Control ...
This question is not about how to fix a "No 'Access-Control-Allow-Origin'..." error. It's about why they happen. Please stop posting: CORS ...
Read more >Fixing Common Problems with CORS and JavaScript
Tutorial: This post walks through troubleshooting and fixing common problems associated with calling REST APIs from JavaScript.
Read more >Resolve the "No 'Access-Control-Allow-Origin' header" error ...
I'm getting the CORS error "No 'Access-Control-Allow-Origin'" on my requested ... Note: Be sure also to forward the header as part of your...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I’m using cors extension for google chrome and socket.io for chat application on my nodejs+Angular2 app but it is giving follwing error. XMLHttpRequest cannot load http://localhost:8000/socket.io/?username=amit&EIO=3&transport=polling&t=LsdeeNk. The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. Origin ‘http://localhost:4200’ is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
It appears that Socket.io’s definition of “origin” is somewhat different from the normal one (at least the one on MDN): Socket.io doesn’t seem to want the scheme to be included. See this block of code which checks the origin against the
origins
array. It looks fordomain + ':' + port
. So if you set yourorigins
to be['https://example.com:6789']
, it won’t find the origin in your array. If you setorigins
to['example.com:6789']
, then it should work (at least it did for me when I removed the scheme).It seems an open question to the project authors whether this constitutes a bug.