Comments (10)
Uzlopak
commented on May 18, 2024
1
localhost vs. 127.0.0.1
from fastify-cors.
mcollina
commented on May 18, 2024
I think you need to include the port.
fastify.register(require('fastify-cors'), {
origin: 'http://modfi-dev.nonset.com:4000'
})from fastify-cors.
vallamost
commented on May 18, 2024
I've tried that as well, I see the same issue, it seems like it's looking for an exact match:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://modfi-dev.nonset.com:4000/batch_stock_prices/?stocks=AAPL,MSFT,NFLX,TSLA,SBUX.
(Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘http://modfi-dev.nonset.com:4000’)
fastify.register(require('fastify-cors'), {
origin: 'http://modfi-dev.nonset.com:4000'
})
from fastify-cors.
Eomm
commented on May 18, 2024
From docs, it is intended https://github.com/fastify/fastify-cors#options
string: strict match
you need to use a regexp: origin: /^http://modfi-dev.nonset.com:4000/
from fastify-cors.
vallamost
commented on May 18, 2024
you need to use a regexp:
origin: /^http://modfi-dev.nonset.com:4000/
Thanks for the response, the documentation made it sound like the context of the string match will match the domain name.
Regex is still throwing issues:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://modfi-dev.nonset.com:4000/batch_stock_prices/?stocks=AAPL,MSFT,NFLX,TSLA,SBUX.
(Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘false’).
The regex I am trying:
fastify.register(require('fastify-cors'), {
origin: /^http:\/\/modfi-dev\.nonset\.com:4000/,
})
I also tried getting more aggressive but it still ending up with a 'false' result
origin: /^http?:\/\/modfi-dev.nonset.com:4000\/[a-z]*.*/
Seems to match fine when testing here: https://regex101.com/
from fastify-cors.
Eomm
commented on May 18, 2024
I would start from a playground like this since it seems to work:
const fastify = require('fastify')
const app = fastify({ logger: true })
app.register(require('fastify-cors'), {
origin: /^http:\/\/modfi-dev\.nonset\.com:4000/
})
app.get('/', async () => 'hello')
;[
'', // empty
'http://modfi-dev.nonset.com:4000/batch_stock_prices/?stocks=AAPL,MSFT,NFLX,TSLA,SBUX',
'http://modfi-dev.nonset.com'
].forEach(origin => {
app.inject({
url: '/',
headers: { origin }
}, (_, res) => {
console.log(`origin [${origin}] = ${JSON.stringify(res.headers, null, 2)}`)
})
})
The second one will print:
origin [http://modfi-dev.nonset.com:4000/batch_stock_prices/?stocks=AAPL,MSFT,NFLX,TSLA,SBUX] = {
"vary": "Origin",
"access-control-allow-origin": "http://modfi-dev.nonset.com:4000/batch_stock_prices/?stocks=AAPL,MSFT,NFLX,TSLA,SBUX",
"content-type": "text/plain; charset=utf-8",
"content-length": "5",
"date": "Wed, 17 Jun 2020 07:49:11 GMT",
"connection": "keep-alive"
}
from fastify-cors.
karrtopelka
commented on May 18, 2024
Hello, I have an issue with cors. My code is like in documentation or tutorials, but I still get error, even if origin is set to '*'. I've set:
fastify.register(cors, { origin: 'http://localhost:3000', credentials: true, })
but after trying to make a post method from frontend I get this:
I made a typescript project via fastify/cli, and put register in app.ts inside the app function
Any suggestions?
from fastify-cors.
Eomm
commented on May 18, 2024
I don't understand: where did you set *?
Here should work:
fastify.register(cors, { origin: '*', credentials: true, })
Note that http://localhost:3000 !== http://localhost:3000/auth/login
In the worse scenario you can try the function:
function checkOrigin (origin, callback) {
console.log({ origin })
// do what you want
callback(null, true)
}
fastify.register(cors, { origin: checkOrigin, credentials: true, })
from fastify-cors.
karrtopelka
commented on May 18, 2024
I don't understand: where did you set
*?Here should work:
fastify.register(cors, { origin: '*', credentials: true, })Note that
http://localhost:3000 !== http://localhost:3000/auth/loginIn the worse scenario you can try the function:
function checkOrigin (origin, callback) { console.log({ origin }) // do what you want callback(null, true) } fastify.register(cors, { origin: checkOrigin, credentials: true, })
As I know combining '*' with credentials is bad, so it will not work, but I checked everything, like your suggestion, without credentials, with localhost, with 127.0.0.1, and so on.
In postman, everything works fine, but when I try to make a call from frontend, nothing works
from fastify-cors.
karrtopelka
commented on May 18, 2024
localhost vs. 127.0.0.1
I also tried it, and no success
from fastify-cors.
Related Issues (20)
- Lack of support with Fastify 4.x HOT 4
- doesnt' work with Typescript HOT 1
- Origin returns undefined HOT 14
- Latency when using a large JWT token HOT 7
- UnhandledPromiseRejectionWarning: AvvioError: Plugin must be a function or a promise HOT 1
- Allow the special `*` value in `array` in `origin` option HOT 3
- Setting for `Cache-Control` to allow preflight requests to be cached in CDNs HOT 1
- Error(s) in doc. HOT 1
- cacheControl default value is missing HOT 1
- Access-Control-Allow-Origin is not working when streaming the data HOT 6
- AvvioError [Error]: Plugin did not start in time: '[object Promise]' HOT 2
- Support Private Network CORS HOT 8
- Options Request Returns 404 running in bun HOT 1
- Missing type declaration file for ‘@fastify/cors’ module HOT 2
- preflight 404 on prefixed index routes in nested/scopted cors setups
- Multiple @fastify/cors HOT 2
- Do not always define `Vary` header HOT 1
- `preHandler` called twice when rejecting CORS HOT 5
- Vary with dynamic config
- Credentials header is added regardless of origin HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fastify-cors.