Comments (3)
nucleartide
commented on May 3, 2024
Hey, @resistdesign! I had the same problem, but from reading the tests it seems like you have to send an Origin header in your request. Here's an example with curl, it'll hit an endpoint that returns "hello world":
$ curl -H "Origin: *" --verbose http://localhost:4000/
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 4000 (#0)
> GET /helloworld HTTP/1.1
> User-Agent: curl/7.37.1
> Host: localhost:4000
> Accept: */*
> Origin: *
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Origin: *
< Content-Type: text/plain; charset=utf-8
< Content-Length: 11
< Date: Tue, 12 Jan 2016 16:04:14 GMT
< Connection: keep-alive
<
* Connection #0 to host localhost left intact
hello worldfrom cors.
dougwilson
commented on May 3, 2024
@nucleartide is correct. Just having CORS enabled does not just blindly send back response headers; the request itself needs to be a CORS request to the server (either a simple request or a pre-flight request). You can read more details about how CORS works at http://www.w3.org/TR/cors/
@resistdesign , can you show the full request and headers you are making, and what the response headers you are getting a highlight to us what is not meeting your expectation?
from cors.
resistdesign
commented on May 3, 2024
@nucleartide Thank you!
@dougwilson I don't even remember what I was doing now, sorry :P
from cors.
Related Issues (20)
- Bump npm latest version to 2
- npm audit reveals security vulnerabilities
- GMT koa deprecated Support for generators will be removed in v3. See the documentation for examples of how to convert old middleware https://github.com/koajs/koa/blob/master/docs/migration.md at server\index.js:6:5 HOT 3
- Docs: Installation modify HOT 1
- Header not set on error response HOT 2
- How to set CORS of static resources HOT 2
- should preflight request return 204 instead of 404 when origin not match?
- documentation missing: needs to be used before router HOT 1
- allowHeaders doesn't support functions? HOT 2
- Does this still maintains ?
- Integrate with @types/koa__cors
- How to set multiple domains ? HOT 2
- How to resolve socket cors HOT 1
- https://github.com/koajs/cors/blob/master/index.js#L138
- Access-Control-Request-Private-Network HOT 2
- Should default options allow null origin?
- Allow not returning any access control headers if the Origin is not allowed to access the resource HOT 1
- Overly permissive origin policy HOT 2
- The default CORS configuration poses a security risk. HOT 3
- Access-Control-Allow-Origin set to '*' even when 'Origin' is supplied HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors.