I keep receiving
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://example.com:2013/socket.io/?EIO=3&transport=polling&t=1433950808025-0. (Reason: CORS request failed).
while I try to access my node.js. This doesn't work for me:
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
@edit: here is the updated full code:
var express = require('express');
var http = require('http');
var expressvar = express();
expressvar.use(function (req, res, next) {
res.setHeader('Access-Control-Allow-Headers', 'accept, authorization, content-type, x-requested-with');
res.setHeader('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE');
res.setHeader('Access-Control-Allow-Origin', req.header('origin'));
next();
});
expressvar.use(express.static('../'));
expressvar.use("/socket.io", express.static('../socket.io'));
var app = http.createServer(expressvar);
var io = require('socket.io').listen(app);
app.listen(2013);
Try this solution (edited to include full working code)
var app = require('express')();
var server = require('http').Server(app);
var io = require('socket.io')(server);
io.set('origins', '*:*');
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', req.get('Origin') || '*');
res.header('Access-Control-Allow-Credentials', 'true');
res.header('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE');
res.header('Access-Control-Expose-Headers', 'Content-Length');
res.header('Access-Control-Allow-Headers', 'Accept, Authorization, Content-Type, X-Requested-With, Range');
if (req.method === 'OPTIONS') {
return res.send(200);
} else {
return next();
}
});
server.listen(80);
app.get('/', function (req, res) {
res.send('OK');
});
io.on('connection', function (socket) {
socket.emit('news', { hello: 'world' });
socket.on('my other event', function (data) {
console.log(data);
});
});
Try using res.setHeader instead.
This example works for me:
app.use(function (req, res, next) {
res.setHeader('Access-Control-Allow-Headers', 'accept, authorization, content-type, x-requested-with');
res.setHeader('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE');
res.setHeader('Access-Control-Allow-Origin', req.header('origin'));
next();
});
cors package does this
// npm install --save cors
var express = require('express');
var cors = require('cors');
var app = express();
app.use(cors());
app.use(express.static());
app.get('*', function(){});
require('http').createServer(app).listen(3000)
I had trouble with this for quite a while do you have an app.configure function? If so this is what ended up working for me.
app.configure(function() {
app.set('port', 3000);
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(app.router);
app.use(express.urlencoded());
app.use(express.json());
app.all('/*', function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
next();
});
Inside your app.js add this lines of code:
var app = require('express')();
var server = require('http').Server(app);
var io = require('socket.io')(server);
server.listen(9081);
app.all('*', function(req, res, next){
origin = req.get('Origin') || '*';
res.set('Access-Control-Allow-Origin', origin);
res.set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
res.set('Access-Control-Expose-Headers', 'Content-Length');
res.set('Access-Control-Allow-Credentials', 'true');
res.set('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type'); // add the list of headers your site allows.
if ('OPTIONS' == req.method) return res.send(200);
next();
});
app.get('/', function (req, res) {
res.sendfile(__dirname + '/index.html');
});
io.on('connection', function (socket) {
socket.emit('news', { hello: 'world' });
socket.on('my other event', function (data) {
console.log(data);
});
});