Comments (12)
NP, we live to serve :)
Let us know if you've got other issues, they help us improve the platform. One thing this particular question made me started pondering, was how to dynamically apply a CORS profile, without having to restart the backend (which isn't always a choice) ... :)
from magic.
that would be awesome cause if the user forget's to add the dashboard url then he has no choice left other than re deploying the entire thing
I know, and it's a drag. I'm not sure if this is even possible, but I'll try to figure it out ;)
from magic.
Did you try to explicitly add the frontend URL of http://localhost:3000
to the following section ...?
{
"magic": {
"frontend": {
"urls": "http://localhost:3000"
},
The above allows for supplying a comma separated list of frontend URLs. I can't remember, but I think you'll need the "scheme" parts too (the http://
or https://
parts)
Also, I can't quite remember, but I suspect you'll have to "reboot" your backend (restart it) since the setting is unfortunately only read during startup of the app ...
from magic.
Ahh it needed a restart to solve the problem. Btw is there a way to allow all origns aswell ?
from magic.
btw i encountered one more issue after restarting the backend the frontend is unable to detect it.
from magic.
Btw is there a way to allow all origins as well
Yes, this is what it does by default - However, Google Chrome prevents the request for security reasons, which is kind of a drag for us, since one backend might in theory have an infinite amount of frontends. The idea from Chrome's perspective is to avoid sending credentials to some malicious site, injected somehow into the HTTP request object.
Personally I don't like CORS, and I think it's the "wrong solution to the wrong problem", something that can be seen by the fact of that it's the server declaring the CORS policy, but the client that's enforcing it, resulting in a somewhat ridiculous security model where the client can choose to ignore it - But it is what it is I suspect ... :/
You might try to play with the withCredentials
parts of your HTTP object in React, and manually add the Authorization
HTTP header instead, which should in theory allow you to ignore CORS ...
As to your second problem, open the Chrome developer's tools and let me know what it says ...
The simplest would be to remove the withCredentials
parts from your frontend React code I suspect, remove all CORS from config, and manually add the Authorization
HTTP header somehow. The only place I have previously encountered Magic actually needing withCredentials
is as I am doing LDAP or some other "fancy" stuff that shouldn't be necessary unless you want to build a "domain SSO authentication thing" (I don't recommend it ...)
from magic.
that's this helped me a lot to understand on some of the aspects of what to take care of in the future as for the second problem here are the chrome logs
i presume that the dashboard faces a cors either cause of the specified frontend urls that i configured else something else
and thanks for helping me clear these issue and amazing work with this project as a frontend dev it is hard to force myself to learn the backend stuff dunno why 😂. Either way hope this project grows even more
from magic.
Thank you, I'll convey the nice words to the rest of our team, they'll appreciate it ^_^
Psst, so you're good now or ...?
from magic.
Unfortunately the issue is not resolved. these was another response that i forgot to mention it.
and since i have no way to change anything in the magic.config ill have to re deploy the container and then see if i have to add the dashboard url as well but this shouldn’t be the case as the dashboard is supposed to work with the backend without any configuration
from magic.
If you add one CORS frontend, you'll have to add all CORS frontend. If you've got your React frontend running at http://localhost:3000
and your Magic Dashboard running on http://localhost:5555
(Docker images), this results in the following config ...
{
"magic": {
"frontend": {
"urls": "http://localhost:3000, http://localhost:5555"
},
The reason is that the default CORS setting is "accept everything", which crashes with your withCredentials
setting on your React HTTP request object. This results in that you've got two options.
- Remove CORS entirely and remove the
withCredentials
property on your React HTTP request object - Add all frontends that are supposed to access your backend (through a browser) in your above
frontend:urls
configuration setting ...
Let me know if this fixes things for you ...
from magic.
If you add one CORS frontend, you'll have to add all CORS frontend. If you've got your React frontend running at
http://localhost:3000
and your Magic Dashboard running onhttp://localhost:5555
(Docker images), this results in the following config ...{ "magic": { "frontend": { "urls": "http://localhost:3000, http://localhost:5555" },The reason is that the default CORS setting is "accept everything", which crashes with your
withCredentials
setting on your React HTTP request object. This results in that you've got two options.
- Remove CORS entirely and remove the
withCredentials
property on your React HTTP request object- Add all frontends that are supposed to access your backend (through a browser) in your above
frontend:urls
configuration setting ...Let me know if this fixes things for you ...
Yup its working now thanks a lot for your help 🥳
from magic.
NP, we live to serve :)
Let us know if you've got other issues, they help us improve the platform. One thing this particular question made me started pondering, was how to dynamically apply a CORS profile, without having to restart the backend (which isn't always a choice) ... :)
that would be awesome cause if the user forget's to add the dashboard url then he has no choice left other than re deploying the entire thing
from magic.
Related Issues (20)
- [wait] slots to wait for multiple [fork] invocations HOT 1
- Allow for invoking endpoints from Hyper IDE
- Group endpoints by module/component/folder name
- Eliminate usage of magic.http HOT 1
- Simplify magic.node.extensions
- Fix snippets
- Fix SQL CRUD menu item's UI
- Re-create all documentation YouTube videos
- Fix EndpointController's TransformToActionResult method
- Separate HTTP parts from magic.endpoint.executor and put into controller project
- Refactor dependency injection logic in magic.lambda.http
- Automatic conversion to and from different Content-Types in magic.lambda.http
- Decouple file system completely
- Question about API Specification HOT 5
- SMTP mail issue after registration. HOT 8
- CI feature: integrate pull request preview environments HOT 1
- Error with epochs HOT 8
- no read, no write access on downloaded files? HOT 8
- Capture leads and send email HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from magic.