'Access-Control-Allow-Origin' header for sse.html
Closed this issue · 2 comments
Hi,
While trying to run the sse.html file, as stand alone, i.e. using file protocol file:///../sse.html, I got the below error in the browser console:
EventSource cannot load http://127.0.0.1:7000/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
Knowing that, I added the CORNS to the server.js file you have in your example, so mine is looking like below:
var requestHandler = function(request, response) {
response.setHeader('Access-Control-Allow-Origin', '*');
response.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
response.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
response.setHeader('Access-Control-Allow-Credentials', true);
if (!WebSocket.EventSource.isEventSource(request))
return staticHandler(request, response);
NOTES
- The
sse.htmlfile, is working fine once run with http protocol, i.e. direct from the server,http://127.0.0.1:7000/sse.html - The
ws.htmlfile, regardless run as stand alone, i.e. using file protocolfile:///../ws.html, or run under server protocolhttp://127.0.0.1:7000/ws.html, is working fine with me, without any issue, in both cases..
It worked with me by modifying the handshake variable, at the source code lib -> faye -> eventsource.js to be as below:
var handshake = 'HTTP/1.1 200 OK\r\n' +
'Content-Type: text/event-stream\r\n' +
'Cache-Control: no-cache, no-store\r\n' +
'Connection: close\r\n' +
// 'Connection: keep-alive\r\n' +
'Access-Control-Allow-Origin: *' + // had been added
headers.toString() +
'\r\n' +
'retry: ' + Math.floor(this._retry * 1000) + '\r\n\r\n';
Can you make it easier, so I do not need to touch the module source code! thanks.
Setting customer headers in EventSource is already supported via the headers option:
var es = new EventSource(request, response, {
headers: {
'Access-Control-Allow-Origin': '*'
}
});