fastapi-socketio
fastapi-socketio copied to clipboard
pyropy
[USAGE-NOTE] CORS configuration: multiple `access-control-allow-origin` header entries returned to client; chrome fails to upgrade connection.
(This may be a documentation issue -- in any case, this may be helpful to someone else)
EDIT I see this problem is mentioned in issue #2, but I didn't make the connection until after creating this issue.
I encountered a problem where Chrome refused to upgrade the connection, due to multiple CORS header being returned in the server response, when using fastapi.CORSMiddleware and setting allowed origins in both places
app = FastAPI()
app.add_middleware(
CORSMiddleware,
# allow any origin for development purposes, don't do this in production
allow_origins=['*'],
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
sio = SocketManager(app=app, cors_allowed_origins=['*'])
Seem obvious now, but setting both allow_origins in CORSMiddleware, and cors_allowed_origins in fastapi-socketio causes duplicate headers to be returned to the client (which causes errors in Chrome, and the connection isn't upgraded)
Related to python-socketio issue 205 -- this response recommends async_mode='sanic' and cors_allowed_origins=[] in the constructor:
engineio.AsyncServer(async_mode='sanic', cors_allowed_origins=[])
I've confirmed that passing cors_allowed_origins=[] in the SocketManager() constructor resolves the issue in this situation.
(See also this issue)
@inactivist Hey thank you for reporting this information. I'll test it out with sanic mode and update the docs accordingly! Thank you once again 🚀🎉
