socket.io icon indicating copy to clipboard operation
socket.io copied to clipboard

Published 20 hours ago verified publisher icon socketio

Suggest possible wrong Socket.IO URL instead of CORS error

Open rauchg opened this issue 10 years ago • 6 comments

A lot of people seem to be mistaking the error No 'Access-Control-Allow-Origin' header is present on the requested resource for lack of CORS support in Socket.IO.

This seems to be due to usually trying to initialize a socket to the wrong URL. The URL exists and responds, but obviously it doesn't set CORS headers. And even if it did, it wouldn't be where the socket.io server is hosted.

Maybe we could console.warn in these situations to warn the developer about a potential URL error.

rauchg avatar Feb 03 '15 19:02 rauchg

+1

Neumann-Valle avatar Feb 04 '15 15:02 Neumann-Valle

would be useful

morenoh149 avatar Feb 26 '15 20:02 morenoh149

@rauchg can you explain a little bit the situation? I'm having this cors trouble and I can't find a solution to it.

I'm using express and socket.io, on express side I've cors package which enable cors for all domains, than on socketio i'm using the origin: '*:*' to do the same, but I still get the same CORS error.

The express/socket server is on a different subdomain than the client but all normal requests work pretty good but when it comes to socketio it doesn't set the headers.

Failed to load api.domain.com: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin app.domain.com is therefore not allowed access. The response had HTTP status code 503.

b4dnewz avatar Nov 17 '17 00:11 b4dnewz

Having the same issue, can't find a fix. anyone any idea?

rnnyrk avatar Apr 02 '19 15:04 rnnyrk

There is still such a problem, and it seems that it has not been solved

sugar258596 avatar Jul 05 '23 09:07 sugar258596

@sugar258596 the problem is that I don't think we can really tell a CORS issue from a network issue, since the preflight requests are automatically sent by the browser.

The XMLHttpRequest object does not give much information:

XMLHttpRequest {
  onabort: null
​  onerror: null
​  onload: null
​  onloadend: null
​  onloadstart: null
​  onprogress: null
​  ontimeout: null
​  readyState: 0
​  response: ""
​  responseText: ""
​  responseType: ""
​  responseURL: ""
​  responseXML: null
​  status: 0
​  statusText: ""
​  timeout: 0
​  withCredentials: false
}

status: 0 might mean different things:

  • Illegal cross origin request
  • Firewall block or filtering
  • The request itself was cancelled in code
  • An installed browser extension is mucking things up

See also: https://stackoverflow.com/questions/872206/what-does-it-mean-when-an-http-request-returns-status-code-0

Open to discuss about this though!

darrachequesne avatar Aug 11 '23 10:08 darrachequesne