I have a node/express api deployed (api.mysite.com)
In the express app, I have used app.use(cors());
In the frontend I have a nuxt/vue site (www.mysite.com).
The vue site uses the api to fetch some data. The problem is that most times it works fine. But some times (2 out of 10), I get the following error:
Failed to load resource: the server responded with a status of 504 (Gateway Time-out)
Access to XMLHttpRequest at 'api.mysite.com' from origin 'www.mysite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I've read a lot but cannot figure out why it's happening specially why only sometimes and not the other times?
Set the timeout to a higher value. If your request is taking more time to be served than the current timeout it throws Gateway Timeout
var server= http.createServer(app).listen(port, function()
{
console.log("Listening on port " + port)
})
server.timeout = 240000;
Related
I'm developing a client and server app, that communicate over web-sockets and found that handling CORS only on the web-socket doesn't raise any additional CORS issues, without handling CORS on the server side itself.
Before solving the issue the error on the client side was:
Access to XMLHttpRequest at 'http://localhost:5000/socket.io/?EIO=4&transport=polling&t=NOOM0wp' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
No "Access-Control-Allow-Origin" header on the response object, that appears only if I handle CORS on the server side.
But, on the client side I get an error:
GET http://localhost:5000/socket.io/?EIO=4&transport=polling&t=NOONjI6 net::ERR_CONNECTION_REFUSED
I guess this is a pretty simple issue, still an explanation will be much appreciated.
Use cors configuration.
Refer to Handling CORS.
var express = require('express')
var app = express()
var app = express()
var server = require('http').createServer(app)
var io = require('socket.io')(server, {
cors: {
origin: "*" // add your own origin, or '*' for any origins allow.
}
})
In my react app this will shows. when I try to make a post request. I'm using .net core 2.2 webapi for the backend.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:5050/api/Users. (Reason: missing token ‘access-control-allow-origin’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel).[Learn More]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:5050/api/Users. (Reason: CORS request did not succeed).[Learn More]
In my .net core webapi. I have enabled the cors as well.
using IServiceCollection services
services.AddCors(options =>
{
options.AddPolicy("AllowAll",
builder =>
{
builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
});
and IApplicationBuilder app
app.UseCors("AllowAll");
also I used this in controller.
[EnableCors("AllowAll")]
Edit: On debug console output.
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 OPTIONS http://localhost:5050/api/Users
Request starting HTTP/1.1 OPTIONS http://localhost:5050/api/Users
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '405 HTTP Method Not Supported'
Microsoft.AspNetCore.Routing.EndpointMiddleware:Information: Executing endpoint '405 HTTP Method Not Supported'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '405 HTTP Method Not Supported'
Microsoft.AspNetCore.Routing.EndpointMiddleware:Information: Executed endpoint '405 HTTP Method Not Supported'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 9.3884ms 405
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 9.3884ms 405
The first thing to check is if this error message is not the result of an error in the web api.
To do this run chrome (windows) in a special mode
"c:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --user-data-dir="C:/Chrome dev session" --disable-web-security
If you still get the error then I suspect it might be due to some other error in your web api. Have you checked the api console for any exceptions?
Cheers
If you're using full IIS and having issues, make sure you rule out:
IIS > App or Directory \ HTTP Response Headers \ Access-Control-Allow-Origin
Being set already. I had an issue whereby it was already set for some reason and was overriding the app's config.
Try Response.Headers.Add("Access-Control-Allow-Origin", "http://IPorDomain:Port"); It works in .Net Core Web API. In my case i am consuming the Web api from angular.
var itemsOnPage = await _context.Employees
.OrderBy(e => e.EmpFirstName)
.Skip(count * pageIndex)
.Take(count)
.ToListAsync();
/*This*/
Response.Headers.Add("Access-Control-Allow-Origin", "http://localhost:4200");
/*This*/
return Ok(itemsOnPage);
First I should thank all who tried to help me. I have solved the issue.
First I uninstalled the IIS using Add and Remove Programs.
And I also I have turned off the IIS feature from Windows Features.
It requires to restart the PC.
After that, that issue doesn't happen.
I have two node servers on localhost:3000 and localhost:4000.
I call 4000 from 3000 and get the following error.
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
Any suggestions for this error?
If the 4000 server is a express based node server, use "cors" package to solve it like below
var cors = require('cors');
.....
app.use(cors());
Where app is an express application.
I'm trying to use sockets to connect to a Node server I'm running localy
but I keep on getting 'info - unhandled socket.io url' on the server side
+
"XMLHttpRequest cannot load http://localhost:8080/socket.io/?EIO=3&transport=polling&t=1424356590540-0. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access." on chrome (using address localhost:8000/index.html)
// top six lines of code to see setup
var express = require('express'),
app = express(),
http = require('http'),
server = http.createServer(app),
io = require('socket.io').listen(server);
server.listen(8080);
also I'm using python SimpleHTTPServer on port 8000
client code is:
var socket = io.connect('http://localhost:8080');
socket.on('connection', function(){
console.log("connected")
});
using https://cdn.socket.io/socket.io-1.3.4.js" version of sockets.io
I'm assuming the html is irrelevant since I don't have any javascript code in it (except references to angular and jquery)
That's a problem with CORS.
Since your web page is on localhost:8000 and the Socket.io server is on localhost:8080 (two different ports, so two different servers), to allow async requests between the two of them you need to enable CORS. Browsers require that for security reasons.
Your server seems to be using Express. Enabling CORS in Express is quite easy, thanks to NPM packages like cors. Alternatively, look at some questions on SO, like: How to allow CORS?
I'm following a simple tutorial from here:
http://addyosmani.github.io/backbone-fundamentals/
I have a node.js server running on a localhost port 4711
I have tomcat running on port 8082 and a backbone.js app as client started as index.html on that server.
But I get :
XMLHttpRequest cannot load ... api/books. Origin localhost:8082 is not
allowed by Access-Control-Allow-Origin.
1) Why? This is not file based access - indeed a plain web browser will see
htttp://localhost:4711/ and interact just fine.
2) What's the fix? (Given that part of this stack is a node.js server)
You're initiating a CORS request since the two servers are listening on different ports( index.html on localhost:8082 and your node server on localhost:4711)
In your node's http server, try setting the Access-Control-Allow-Origin header to * or to the Origin header.
http.createServer(function(req, res) {
res.header('Access-Control-Allow-Origin', req.headers['origin']);
//handle
});