Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CORS] No 'Access-Control-Allow-Origin' header is present on the requested resource #2

Closed
csells opened this issue Aug 22, 2019 · 8 comments · Fixed by #200
Closed

[CORS] No 'Access-Control-Allow-Origin' header is present on the requested resource #2

csells opened this issue Aug 22, 2019 · 8 comments · Fixed by #200
Labels
bug Something isn't working help wanted Extra attention is needed

Comments

@csells
Copy link

csells commented Aug 22, 2019

Describe the bug
The following curl command works:

curl 'https://donjon.bin.sh/name/rpc.cgi?type=Party&n=10'

the equivalent command in postwoman doesn't work:

image

Desktop (please complete the following information):

  • OS: macOS
  • Browser chrome
  • Version 76
@csells
Copy link
Author

csells commented Aug 22, 2019

BTW, the curl command also works on plain http:// but postwoman doesn't work with a http:// URL either.

@AndrewBastin
Copy link
Member

AndrewBastin commented Aug 22, 2019
edited
Loading

Umm, well its a restriction due to the CORS (Cross Origin Request Policy), there isn't a client side work around to this unless the host your trying to access should respond with the appropriate CORS headers...

More info on CORS : https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

If you really want to circumvent the CORS policies and use Postwoman you can do with Browser extensions which do so, but hey, CORS policies are a security feature hence, overriding it ain't exactly safe...

As I said there isn't like a client-side (using the browser only) way to circumvent this without extensions, although I am pretty sure you could like tunnel the request through a server hosted on the same origin (or passes the CORS headers) and make it work.

Although, anyways, I will try working on a PR which routes any request failing the CORS checks through tunneling servers (something like this or this) but they come with their own restrictions (like what to do about headers for example) and stability issues.

@liyasthomas liyasthomas added feature New feature or request help wanted Extra attention is needed labels Aug 22, 2019
@abraham
Copy link
Contributor

abraham commented Aug 22, 2019

With #15 there is now an error displayed when CORS blocks requests.

@shmurf
Copy link

shmurf commented Aug 22, 2019

There are browser plugins that you can use to get around the CORS issue but beware, CORS is there for a reason, only use the plugin when debugging or using a site like this
Here is one such plugin
https://chrome.google.com/webstore/detail/moesif-orign-cors-changer/digfbfaphojjndkpccljibejjbppifbc?hl=en-US

@striebwj striebwj mentioned this issue Aug 22, 2019
Closed
@liyasthomas liyasthomas mentioned this issue Aug 25, 2019
Closed
@liyasthomas liyasthomas added bug Something isn't working and removed feature New feature or request labels Aug 25, 2019
@liyasthomas liyasthomas mentioned this issue Sep 2, 2019
Closed
@liyasthomas liyasthomas added this to the v1.0 Stable release milestone Sep 6, 2019
@liyasthomas liyasthomas changed the title simple GET on donjon.bin.sh doesn't work [CORS] simple GET on donjon.bin.sh doesn't work Sep 6, 2019
@liyasthomas liyasthomas mentioned this issue Sep 6, 2019
Closed
@liyasthomas liyasthomas pinned this issue Sep 6, 2019
@liyasthomas liyasthomas unpinned this issue Sep 17, 2019
@liyasthomas liyasthomas changed the title [CORS] simple GET on donjon.bin.sh doesn't work [CORS] No 'Access-Control-Allow-Origin' header is present on the requested resource Sep 26, 2019
@AndrewBastin
Copy link
Member

AndrewBastin commented Sep 30, 2019
edited
Loading

Assigning the issue to myself as I intend to resolve it by introducing a proxy system.

Feel free to put down any questions or any further discussion here...

@AndrewBastin AndrewBastin self-assigned this Sep 30, 2019
@liyasthomas
Copy link
Member

liyasthomas commented Sep 30, 2019
edited
Loading

Middleware implementation has out of the box support in Nuxt.

https://nuxtjs.org/api/pages-middleware
https://nuxtjs.org/examples/middleware
https://nuxtjs.org/guide/routing#middleware

@liyasthomas liyasthomas mentioned this issue Oct 11, 2019
Closed
@AndrewBastin
Copy link
Member

Umm, I am working on this, but I have some personal stuff coming up, so I will be focusing on that for a while (a week or so).

I am unassigning myself from this meanwhile, feel free to tackle this issue if you want.

@AndrewBastin AndrewBastin removed their assignment Oct 11, 2019
@hosseinnedaee hosseinnedaee mentioned this issue Oct 19, 2019
Merged
@NBTX NBTX mentioned this issue Oct 20, 2019
Merged
liyasthomas pushed a commit that referenced this issue Oct 20, 2019
@NBTX
Merge pull request #2 from hosseinnedaee/Proxy_Server
a73d805 
Proxy server
liyasthomas pushed a commit that referenced this issue Oct 20, 2019
@SamJakob
Fix CORS and Mixed-Content issue & Bug Fixes
f839189 
This fixes the following issues:
- Text selection color was incorrect
- The 'send again' button glitched on page load

This also adds some finishing touches to the proxy code (closes #199)
and that in turn resolves #175 and resolves #2

Finally, this adds the fonts to the application assets allowing
them to be cached by the service worker.
@philBrown
Copy link

Given the number of questions on StackOverflow that are some form of duplicate of Why does my JavaScript code get a “No 'Access-Control-Allow-Origin' header is present on the requested resource” error when Postman does not?, I don't see this as a bad thing.

@liyasthomas liyasthomas mentioned this issue Dec 19, 2019
Closed
liyasthomas pushed a commit that referenced this issue Mar 22, 2020
@leomp12
Merge pull request #2 from liyasthomas/master
86ee80f 
Update with master
liyasthomas pushed a commit that referenced this issue Oct 13, 2020
@gugacavalieri
Merge pull request #2 from hoppscotch/i18n
b614ae7 
update i18n
AndrewBastin pushed a commit that referenced this issue Apr 11, 2023
@ankitsridhar16
Merge pull request #2 from hoppscotch/chore/backend-integration
2901fb0 
chore: backend integration for existing modules and docker fix
@carsonbird carsonbird mentioned this issue Jan 4, 2024
Open
1 task
shipko pushed a commit to shipko/hoppscotch that referenced this issue Apr 24, 2024
chore(locale): update ru locale hoppscotch#2
92bb9aa
nivedin pushed a commit that referenced this issue Aug 28, 2024
@shipko
chore(lang): update ru locale #2 (#4298)
34f5617 
chore(lang): update ru locale

Co-authored-by: Dmitry Mukovkin <d.mukovkin@cft.ru>
shipko pushed a commit to shipko/hoppscotch that referenced this issue Sep 3, 2024
fix(status): fix import status message hoppscotch#2
9543309
AndrewBastin pushed a commit to shipko/hoppscotch that referenced this issue Sep 11, 2024
@AndrewBastin
fix(status): fix import status message hoppscotch#2
fb931a5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix CORS and Mixed-Content issue & Bug Fixes
6 participants
@abraham @philBrown @csells @AndrewBastin @liyasthomas @shmurf