CORS - Githubissues

kadirahq / lokka-transport-http

HTTP Transport Layer for Lokka

MIT License

41 stars 38 forks source link

CORS #15

Open reggi opened 8 years ago

reggi commented 8 years ago

Anything I need to do to setup CORS? Having a bit of trouble.

williamku commented 8 years ago

I tried the following in order to satisfy an CORS error:

const headers = { 'Access-Control-Allow-Credentials': 'true' }; export const lokkaClient = new Lokka({transport: new Transport(API_BASE_URL, {headers : headers})});

But the above header setting does not work. it showed up in the out-going request as this: Access-Control-Request-Headers:access-control-allow-credentials, content-type. As result the request comes back with the same CORS error.

arunoda commented 8 years ago

On the backend(assuming express), you need to do something like this:

var cors = require('cors');
app.use(cors({
   origin: 'https://myurl.com',
   credentials: true,
}));

williamku commented 8 years ago

@arunoda, you are suggesting the change on our API server side. Actually I was able to get thru using jQuery. Seems the call will work as long as the header "Access-Control-Allow-Credentials=true" is present in the call. The fact that I can get the result via jQuery seems to show that our server setup is OK. But your http transport simply does not honor the setting I explicitly set as shown above. Which was the reason of the failing... Appreciate it if you could fix... thanks!

@reggi , looping you in on this

williamku commented 8 years ago

@arunoda , any chance this has been fixed? what I reported above is this:

I set the header as this:

const headers = { 'Access-Control-Allow-Credentials': 'true' };

But the actual header set by your code is this: Access-Control-Request-Headers:access-control-allow-credentials, content-type

If I explicitly set 'Access-Control-Allow-Credentials' to 'true', why can't the actual header to be set as "Access-Control-Allow-Credentials:true" when the http request actually goes out (exactly as I set)?

Appreciate if you could take a look? thanks!

jackyzhen commented 7 years ago

The problem is fixed for me if the fetch mode option is used and set to 'cors'. @arunoda please merge: https://github.com/kadirahq/lokka-transport-http/pull/4

I am using a personal fork in the mean-time.

b04zdotcom commented 7 years ago

I am also facing the issue of not being able to set Access-Control-Allow-Credentials. Is there a way to fix this?

@arunoda Are you still using your fork?

machineghost commented 5 years ago

So is this project just dead now ...?