Comments (6)
I can try to set that but, just to clarify:
- My code has not changed other then updating Highcharts from
11.2.0
to11.3.0
- This happens in both Firefox and Chrome
So something in regards to the "defaults" seem to have changed. I will report back once I tested the suggestion from @goransle
edit:
I will test this Wednesday! Don't have the development setup running in my current location.
from highcharts.
Small update:
It seems to be broken in v11.3.0 (as 11.2.0 is working). The changelog does list something in regards to the formAttributes that I found and listed above. https://www.highcharts.com/blog/changelog/#highcharts-v11.3.0
I am not yet 100% sure what is happening as we don't modify the request but it does not look to be a coincidence.
from highcharts.
If the cookie is not being sent
, I don't think that's the problem with the Export Server, but with the request being sent from the exporting module.
@goransle, do you have any ideas why that happens and how it could be changed?
from highcharts.
This is likely due to the default behaviour of the browser's implementation of fetch
.
You should be able to set the credentials option using exporting.fetchOptions in the chart configuration.
from highcharts.
So,
It seems there are two interesting options there:
https://developer.mozilla.org/en-US/docs/Web/API/fetch#credentials
and (possible)
https://developer.mozilla.org/en-US/docs/Web/API/fetch#mode
My setup locally is not 100% the same as production. Locally it is domain:1234
for the angular frontend, and domain:2345
for the highcharts exporter. For prod this is simply xx.domain.com
and yy.domain.com
However in both cases there is an nginx
in front of the highcharts-exporter to handle authentication. So keep this in mind. I tried to be as close to our production as possible with this. Just that I don't have a loadbalancer for local (yet...)
const data = {
title: {
text: ''
},
xAxis: {
[...]
exporting: {
sourceHeight: 1500,
sourceWidth: 1500,
url: environment.highchartsExportUrl,
csv: {
dateFormat: '%d/%m/%Y %H:%M:%S',
decimalPoint: '.'
},
fetchOptions:{
credentials: "omit", // omit, same-origin, include
mode: "cors" // cors, no-cors, same-origin
}
},
} as Options;
(Tested with Chrome)
omit + cors = 401 + "xx has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." + no cookie made it to the exporter
omit + no-cors = 401 + no error + no cookie made it to the exporter
omit + same-origin = "request mode is "same-origin" but the URL's origin is not same as the request origin xx:1234." -> NO request was sent by the browser
same-origin + cors = 401 + "xx has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." + no cookie made it to the exporter
same-origin + no-cors = 401 + no error + no cookie made it to the exporter
same-origin + same-origin = "request mode is "same-origin" but the URL's origin is not same as the request origin xx:1234." -> NO request was sent by the browser
include + cors = "xx has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'."+ ERR_FAILED (but still a 200 OK) + cookie made it to the exporter
include + no-cors = 200 OK, no error, cookie made it to the exporter but no file is being downloaded (there was no response data)
include + same-origin = "request mode is "same-origin" but the URL's origin is not same as the request origin xx:1234." -> NO request was sent by the browser
So I think it should be "same-origin + cors". That sounds the most reasonable. Even through cookie is not received but that might be the local setup. Or possible something with the mode "same-origin" but at least for local development that does not work. I have to think a bit on hot to properly test it and then I will report back.
edit:
If I use credentials include and mode cors I can het it to work locally with adding some CORS headers. Now the question it does this work on production and can I perhaps switch to same-origin there.
Is there any way to say what the previous highcharts behavior was?
from highcharts.
I'm not sure how it will work in your production environment as it depends on your setup configuration. However, if you ensure the appropriate CORS headers are in place along with credentials: include (just as it operates in the development environment), it should function similarly and effectively as it does in development.
The commit that you've shared (47a638f) introduces a minor modification. It removes formAttributes
in favor of fetchOptions
, which can easily be customized within the Highcharts configuration.
from highcharts.
Related Issues (20)
- MouseWheel with Ordinal brake HOT 1
- Remove column aliases from DataTable
- Organization chart: Need a feature to accept the onClick event for customized node UI element HOT 1
- Multiple-point solidgauge is off-center when on 100% HOT 1
- Cannot select a line drawn using Stock Tools. HOT 3
- Donut Chart: Issue with Data plotting HOT 2
- Mapline is hidden when drawing from LA to taiwan HOT 2
- Error 1015 shows HOT 1
- Deleted annotation is present in exported image HOT 3
- Infinite chart resize (reflow) HOT 1
- Color Contrast Ratio for the text 'Month-year' in graph is 1.917:1 which is less than expected (4.5:1) HOT 3
- `headerFormat` use `{point.point.name}` syntax but `pointFormat` use `{point.name}` syntax HOT 1
- chart.getAxes() is poorly named HOT 3
- Adding a yAxis id to the navigator causes plot bands added to the main graph to also display on the navigator. HOT 1
- Improve responsiveness for plot band labels HOT 1
- Drag does not work correctly HOT 1
- Numbers on axis labels HOT 5
- Gantt subtasks with point dependencies getting disorganized when toggling legend HOT 1
- Declaring mouseEvent callback as point event breaks drilldown
- I'm trying to find a way to center my flag but can't seem to do it HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from highcharts.