Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
PATCH requests are failling because CORS from multiple origins(due to a browser extension)
See original GitHub issueBug report
PATCH requests are failling because CORS from multiple origins.
Im trying to make a update() request to one of my tables and get CORS error, tried from another origin and the same happens.
To Reproduce
https://github.com/dcruz1990/contabilidad-simple/
System information
- OS: Linux
- Browser: Chrome
- Version of supabase-js:
@supabase/supabase-js": "^1.31.2" - Version of Node.js: 6.14.15
Issue Analytics
- State:
- Created a year ago
- Comments:25 (12 by maintainers)
Top Results From Across the Web
PATCH requests are failling because CORS from multiple ...
Im trying to make a update() request to one of my tables and get CORS error, tried from another origin and the same...
Read more >CORS errors and how to solve them - Topcoder
This happens because the same-origin policy is part of the browser's security model which allows websites to request data from APIs of the...
Read more >3 Ways to Fix the CORS Error — and How the Access-Control ...
The quickest fix you can make is to install the moesif CORS extension . Once installed, click it in your browser to activate...
Read more >Chrome Cross-Domain PATCH request not working
I face a similar problem in node.js with CORS. You need to set the Access-Control-Allow-Origin to the specific domain not a wildcard.
Read more >Changes to Cross-Origin Requests in Chrome Extension ...
The changes means that cross-origin fetches initiated from content scripts will have an Origin request header with the page's origin, and the server...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@dcruz1990 You say this is in Chrome. Do you by chance have this extension installed (or one similar) https://chrome.google.com/webstore/detail/allow-cors-access-control/lhobafahddgcelffkeicbaginigeejlf
I recalled a discussion in discord where the user mentioned patch not working, and resolved by removing their cors “allower” extension (they did not mention the actual extension though).
Note by default that extension does not do patch and I believe also returns the requester website (versus *) to allow faking out the browser.
Edit: I loaded that extension and get these headers for a SB network call with it on: access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS access-control-allow-origin: mytestsite.com And this with it off: access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT access-control-allow-origin: *
Holy shit, confirmed that’s the issue on my end. Turning that extension ON and OFF to see if it makes a difference, and yea it does. Didn’t expect that…