Comments (8)
ooohhh, the plot thickens... got more useful debug output from firefox than chrome:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:3000/login. (Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials’).
gonna try setting that now
from cljs-http.
lol, okay, so this change addressed one issue. #FunWithTyping
https://github.com/ckuttruff/orghub-clj/commit/6c3a51250a072f14b0d2a35827ccd5021848ea86
I was passing a boolean into the header whereas a string was expected for Access-Control-Allow-Credentials
- :access-control-allow-credentials true
+ :access-control-allow-credentials "true"
Incredibly this fixes things for firefox, but not for chrome. So there's a secondary issue with headers here in terms of what chrome is sending and what the server is expecting
from cljs-http.
A side-by-side of the request headers.
Chrome (on the left) gets XHR failed loading: POST "http://localhost:3000/login".
Firefox (on the right) succeeds.
Obv some minor differences here. Gonna dig into the CORS docs to see what's up here...
For the visually impaired (and the search engines), here's the text of the headers.
chrome:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Host: localhost:3449
If-None-Match: 4017874760
Referer: http://localhost:3449/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
firefox:
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en;q=0.5
Connection: keep-alive
Content-Length: 48
Content-Type: application/json
Host: localhost:3000
Origin: http://localhost:3449
Referer: http://localhost:3449/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linu…) Gecko/20100101 Firefox/60.0
from cljs-http.
p.s. to folks running lein figwheel
alongside lein ring server
:
The simplest thing for me was to set a handler on the clj side and unify the traffic under the same port (such that it won't trigger CORS (which has been a gigantic pain to try to figure out)).
Here's the commit that got things working for me:
https://github.com/ckuttruff/orghub-clj/commit/190d4129057f93484104df97255e252e722dba9f
And there's a dead simple example of using the ring-handler
option in figwheel here:
https://github.com/bhauman/lein-figwheel/tree/master/examples/using-ring-handler
No more futzing around between localhost:3000 and localhost:3449
More secure anyways and more like how production will be running.
I know this doesn't resolve the underlying XHR failure here, and best of luck to folks still in that fight, but this is a perfectly reasonable resolution for me :) I will close, but if others still find a need to sort this out and resurrect, please do.
Thanks all.
from cljs-http.
Hi @ckuttruff, I'm facing the same issue. Did you get around it? I can see you switched your project over to Ruby - not a good sign, but thought I should ask anyway.
from cljs-http.
@divs1210 sorry moved repo:
https://github.com/ckuttruff/orghub-clj/commit/190d4129057f93484104df97255e252e722dba9f
The code in there should show my approach. I believe I got this sorted but was dealing with other issues such that I wanted to simplify.
Would love to use clj / cljs, but yeah, started with ruby one and stripped out all the progressive web app stuff and a lot of the front-end complexity and offline ambitions.
I def got over this CORS hurdle so lemme know if that commit of later code is unclear. Gist is to run on same server to avoid CORS altogether. Lol this is bringing back bad memories. All this was a headache
from cljs-http.
@divs1210 I updated stale links. Hope it's helpful. Good luck!
from cljs-http.
@ckuttruff Glad to know you got it to work. Thank you so much!
from cljs-http.
Related Issues (20)
- How to decode an http/get transit json response to a edn? HOT 3
- previewing a request before it gets sent HOT 1
- Error handling when server sends invalid json HOT 18
- A request that should return an HTTP 405 instead returns status 0 HOT 3
- GET request URL string with multiple values for one parameter HOT 5
- Unit test failing HOT 3
- Response body flattens `schema` object HOT 1
- Binary response data gets mangled HOT 2
- react native support HOT 1
- The custom channel seems doesn't work HOT 3
- jsonp throws exception due to goog.net.Jsonp api changes HOT 3
- README probably has a typo
- jsonp call results in error: TypeError: this.uri_.cloneWithParams is not a function at goog.net.Jsonp.send HOT 8
- Why would the cljs-http.client request be blocked by the cors policy if the clj-http.client request isn't? HOT 1
- Improve README to describe core functionality.
- Uncaught ReferenceError: cljs_http is not defined HOT 2
- Binary data doesn't seem to be included with multipart post? HOT 1
- Mangled JSON replies HOT 2
- Function redefinition warnings with Clojure/Script 1.11 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cljs-http.