kit icon indicating copy to clipboard operation
kit copied to clipboard
verified publisher icon sveltejs

handleFetch hook receive empty event object after 2.31.0 sveltekit upgrade

Open paras-taneja opened this issue 3 weeks ago • 1 comments

Describe the bug

handleFetch hook receive empty event object after 2.31.0 sveltekit upgrade. For ssr http calls handleFetch act as an http interceptor and we add auth details via event object . But after the upgrade the ssr calls started to throw 401 as auth details were empty in the event object as event object itself was coming empty.

Reproduction

export const handleFetch = (async ({ event, request, fetch }) => {
	const { token } = event.locals;
	const cookieString = event.request.headers.get('cookie') || '';
	const headers = getDefaultHeaders(request.url, cookieString, token, sendAuthorisation);

	Object.entries(headers).forEach(([key, value]) => {
		request.headers.set(key, value);
	});

	const resource = Object.keys(PRIVATE_URL_MAPPING).find((resource) =>
		request.url.startsWith(resource)
	);
	if (!dev && resource && PRIVATE_URL_MAPPING[resource]) {
		request = new Request(request.url.replace(resource, PRIVATE_URL_MAPPING[resource]), request);
	}

	return fetch(request);
}) satisfies HandleFetch;

upgrade sveltekit version to 2.31.0 from 2.30.1, the issue will popup

Logs

System Info

System:
    OS: macOS 15.6.1
    CPU: (10) arm64 Apple M1 Pro
    Memory: 536.16 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 24.7.0 - /opt/homebrew/bin/node
    npm: 11.5.1 - /opt/homebrew/bin/npm
    pnpm: 10.21.0 - /opt/homebrew/bin/pnpm
  Browsers:
    Safari: 26.1
  npmPackages:
    @sveltejs/adapter-auto: ^6.0.1 => 6.1.1 
    @sveltejs/adapter-node: ^5.2.12 => 5.4.0 
    @sveltejs/kit: 2.31.0 => 2.31.0
    @sveltejs/vite-plugin-svelte: ^6.2.1 => 6.2.1 
    svelte: ^5.30.1 => 5.43.12 
    vite: ^7.2.2 => 7.2.2

Severity

annoyance

Additional Information

No response

paras-taneja avatar Dec 08 '25 09:12 paras-taneja

Please provide a complete and minimal reproduction, not just a code snippet referring to other parts of your codebase that aren't included.

Conduitry avatar Dec 08 '25 13:12 Conduitry

When updating past 2.31.0 I get this error with vite dev SSR using the provided fetch to request some data.

CORS error: No 'Access-Control-Allow-Origin' header is present on the requested resource
    at universal_fetch (...)

I run this in hooks.server.ts:

const handleForwardedProto: Handle = async ({ event, resolve }) => {
    const proto = event.request.headers.get("x-forwarded-proto")
    if (proto) {
        event.url = new URL(event.url.href.replace(/^http:/, `${proto}:`))
    }
    return resolve(event)
}
export const handle = handleForwardedProto

I set this up a long time ago.

Removing it does not solve the issue.

timephy avatar Dec 17 '25 17:12 timephy

CORS error: No 'Access-Control-Allow-Origin' header is present on the requested resource at universal_fetch (...)

I should have mentioned that I have a Traefik Reverse Proxy on a dev.example.com domain, that proxies the request to my local machine running vite dev.

timephy avatar Dec 18 '25 10:12 timephy