Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access-Control-Allow-Origin - not possible to host application clients on other hosts #1442

Closed
gcmartijn opened this issue Mar 5, 2014 · 11 comments
Closed

Access-Control-Allow-Origin - not possible to host application clients on other hosts #1442

gcmartijn opened this issue Mar 5, 2014 · 11 comments

Comments

@gcmartijn
Copy link

I don't know if its an issue or a 'feature' but in the old version I can do something like:
io.set('Origin':'*')

The reason to do this is because our application will be hosted on many different hostnames (websites) (origins). And only one server host.

In other words, its not possible to host our application clients on other hosts.

We don't use express or other modules, to keep it as clean as possible.
request_handler = require('./request_handler');

            inspect = require('util').inspect;
            app = require('http').createServer(request_handler.handler);
            io = require('socket.io').listen(app,{
                    'pingTimeout':60000,
                    'transports':['xhr-polling','polling', 'websocket', 'flashsocket'],
                    'pingInterval':25000,
                    'allowUpgrades':true,
                    'cookie':'io'
            });

app.listen(8090);

The error we get is:
OPTIONS http://_serverhost__:8090/socket.io/?EIO=2&transport=polling&sid=DWGmxtENtfqN_h1GAAAA No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://clienthost**' is therefore not allowed access. v1.js?c=b3f0c7f6bb763af1be91d9e74eabfeb199dc1f1f:5798
XMLHttpRequest cannot load http://serverhost:8090/socket.io/?EIO=2&transport=polling&sid=DWGmxtENtfqN_h1GAAAA. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://**_clienthost****' is therefore not allowed access.

  • I removed the original serverhost name and clienthost
@Neumann-Valle
Copy link

check mine, I replicated the issue..
It is possible to be the same..
socketio/socket.io-client#641

@Neumann-Valle
Copy link

so , did you fix your issue?
Basically if you emit something after on connect in client side ,the error pop ups in Chrome Browser.
and in my case , Firefox loops.

@gcmartijn
Copy link
Author

I'm going to use https://github.com/primus/primus so I can use socket.io when this fixed again.
If not then i'm using ws.
Because I don't know if somebody can fix this problem.

Its not really a solution, but maybe a better option.

@Neumann-Valle
Copy link

Hi, if you can replicate the issue you will see is not of a big deal, just not emiting right on connection would not give you anymore problems.

@3rd-Eden 3rd-Eden mentioned this issue Mar 19, 2014
Merged
@gahula
Copy link

gahula commented May 29, 2014

I am currently experiencing the same issue

@pmcalabrese
Copy link

I currently have this issue as well

@gahula
Copy link

gahula commented May 31, 2014

I solved my issue by removing the the transports options....

var express = require('express');
var app = express();
var server = require('http').Server(app);
var io = require('socket.io')(server, {origins:'domain.com:* http://domain.com:* http://www.domain.com:*'});
var compress = require('compression');
var redis = require('socket.io-redis');
var uuid = require('node-uuid');
var geoip = require('geoip-lite');
var _ = require('underscore')._;

io.adapter(redis({ host: 'localhost', port: <port#>}));

server.listen(<port#>, '', function(){
console.log("Server up and running...");
});

........

@avinashega
Copy link

You can host your application on a different host but make sure you server the client socket.io.js from the same host where you are trying to connect to.

for example, my initial client code was this and it was throwing CORS error

<script src="/socket.io/socket.io.js"></script>
var socket = io.connect('http://mydomain.com/');

once I modified it to this, it worked alright.

<script src="http://mydomain.com/socket.io/socket.io.js"></script>
var socket = io.connect('http://mydomain.com/');

And my server code is,

var express = require('express');
var app = express();
app.use(function(req, res, next) {
        res.header("Access-Control-Allow-Origin", "*");
        res.header("Access-Control-Allow-Headers", "X-Requested-With");
        res.header("Access-Control-Allow-Headers", "Content-Type");
        res.header("Access-Control-Allow-Methods", "PUT, GET, POST, DELETE, OPTIONS");
        next();
    });
var server = http.createServer(app);
io = socketio.listen(server, {log:false, origins:'*:*'});
... //io.connect and events below

@3rd-Eden 3rd-Eden mentioned this issue Sep 3, 2014
Closed
@shades3002
Copy link

yo lo solvente asi:

  1. npm install cors
  2. var cors = require('cors');
    3)app.use(cors());

@zardoz
Copy link

zardoz commented Nov 8, 2016

Pero esto no es muy seguro, tienes que specificar el domain. En este caso todo esabierto.

This is not very secure, you should specify the domain. In this case everything is open

@shades3002
Copy link

Claro pero eso lo configura uno de acuerdo a su necesidad https://www.npmjs.com/package/cors aqui aparece como configurar de manera personalizada. Saludos..

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@zardoz @Neumann-Valle @pmcalabrese @gahula @avinashega @shades3002 @gcmartijn