Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CORS #15

Open
reggi opened this issue Oct 7, 2016 · 7 comments
Open

CORS #15

reggi opened this issue Oct 7, 2016 · 7 comments

Comments

@reggi
Copy link

reggi commented Oct 7, 2016

Anything I need to do to setup CORS? Having a bit of trouble.

@williamku
Copy link

I tried the following in order to satisfy an CORS error:

const headers = {
'Access-Control-Allow-Credentials': 'true'
};
export const lokkaClient = new Lokka({transport: new Transport(API_BASE_URL, {headers : headers})});

But the above header setting does not work. it showed up in the out-going request as this: Access-Control-Request-Headers:access-control-allow-credentials, content-type. As result the request comes back with the same CORS error.

@arunoda
Copy link
Contributor

arunoda commented Oct 7, 2016

On the backend(assuming express), you need to do something like this:

var cors = require('cors');
app.use(cors({
   origin: 'https://myurl.com',
   credentials: true,
}));

@williamku
Copy link

@arunoda, you are suggesting the change on our API server side. Actually I was able to get thru using jQuery. Seems the call will work as long as the header "Access-Control-Allow-Credentials=true" is present in the call. The fact that I can get the result via jQuery seems to show that our server setup is OK. But your http transport simply does not honor the setting I explicitly set as shown above. Which was the reason of the failing... Appreciate it if you could fix... thanks!

@reggi , looping you in on this

@williamku
Copy link

williamku commented Nov 1, 2016

@arunoda , any chance this has been fixed? what I reported above is this:

I set the header as this:

const headers = {
'Access-Control-Allow-Credentials': 'true'
};

But the actual header set by your code is this:
Access-Control-Request-Headers:access-control-allow-credentials, content-type

If I explicitly set 'Access-Control-Allow-Credentials' to 'true', why can't the actual header to be set as "Access-Control-Allow-Credentials:true" when the http request actually goes out (exactly as I set)?

Appreciate if you could take a look? thanks!

@jackyzhen
Copy link

The problem is fixed for me if the fetch mode option is used and set to 'cors'. @arunoda please merge: #4

I am using a personal fork in the mean-time.

@b04zdotcom
Copy link

b04zdotcom commented Mar 17, 2017

I am also facing the issue of not being able to set Access-Control-Allow-Credentials. Is there a way to fix this?

@arunoda Are you still using your fork?

@machineghost
Copy link

So is this project just dead now ...?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants