Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CORS Enable Headers

See original GitHub issue

Hi, my implementation was failing due to missing headers in response. File uploads were not resuming. I inspected the http://tus.io/demo.html network requests and noticed this header, which was missing in my node server’s responses:

'Access-Control-Expose-Headers' : 'Upload-Offset, Location, Upload-Length, Tus-Version, Tus-Resumable, Tus-Max-Size, Tus-Extension, Upload-Metadata'

I examined the node.js library code a little bit, and discovered that on Server.js file you are controlling CORS with the following lines :

if (req.headers.origin) {
     res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
}

I believe it should also set the “Access-Control-Expose-Headers” header too. So i changed to following piece of code and it worked :

if (req.headers.origin) {
     res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
     res.setHeader('Access-Control-Expose-Headers' , 'Upload-Offset, Location, Upload-Length, Tus-Version, Tus-Resumable, Tus-Max-Size, Tus-Extension, Upload-Metadata');
}

Is there a better way to achieve CORS, or is this the way to do it? Thank you.

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:8 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
krampampulicommented, Aug 17, 2016

Since there was no Location info, the URL for PATCH was null. That was the actual error. Now everything seems to be OK, thank you!

0reactions
bhstahlcommented, Aug 17, 2016

@krampampuli thanks for your help. Location is added in tus-node-server@0.1.3.

Not sure I’m following how PATCH isn’t allowed, since it is included in the Access-Control-Allow-Methods of OPTIONS request. Would you mind opening up a separate ticket with detailed steps to replicate?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cross-Origin Resource Sharing (CORS) - MDN Web Docs
Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, ...
Read more >
CORS Enabled - W3C Wiki
Open Internet Information Service (IIS) Manager · Right click the site you want to enable CORS for and go to Properties · Change...
Read more >
How does the 'Access-Control-Allow-Origin' header work?
Wikipedia: The CORS standard describes new HTTP headers which provide browsers and servers a way to request remote URLs only when they have...
Read more >
CORS and the Access-Control-Allow-Origin response header
The CORS specification identifies a collection of protocol headers of which Access-Control-Allow-Origin is the most significant. This header is returned by a ...
Read more >
How to Enable CORS Headers for Your Application
How to Enable CORS Headers · Step 1: Go to Applications. Log in to your account and click the Applications in the top...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

systemd or systemv-init

Next page

GCSDataStore metadata get/set