Javascript - How to solve the problem with CORS policy

NewGodKirill
April 10, 2024
209 views
0 votes
2 Answers

I makes a project where wants to use a socket.io.
Now I have an error in browser console:

Access to XMLHttpRequest at ‘https://back.escootrent.com/socket.io/?EIO=4&transport=polling&t=OwxDnkM’ from origin ‘https://www.escootrent.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

How you can see I use my sub-domains, with which averything brokes. Awary domain links with their directory.
Client directory is tha basic web application on html, css, js, php. And now to connect with server using io('https://back.escootrent.com/socket.io');
The other directory is server for socket.io with this code:
server.js

const express = require('express');
const https = require('https');
const fs = require('fs');

const app = express();
const options = {
  key: fs.readFileSync('./_.escootrent.com_private_key.key'),
  cert: fs.readFileSync('./escootrent.com_ssl_certificate.cer')
};
const server = https.createServer(options, app);
const io = require('socket.io')(server);

app.get('/chats', function(req, res) {
    res.send('answ');
});

io.on('connection', socket => {
    console.log('User connected', socket.id);
})

io.on('disconnect', () => {
    console.log('User disconnected', socket.id);
});

server.listen(443, (err) => {
    if (err) {
        throw Error(err);
    }
    console.log('Server started!');
});

All this based on OpenServer and works with local parametrs, but don`t work with domains.

I tried this and nothing changed

app.use((req, res, next) => {
  res.setHeader('Access-Control-Allow-Origin', 'https://www.escootrent.com');
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST');
  res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
  next();
});

io.origins((origin, callback) => {
  if (origin === 'https://www.escootrent.com') { 
    callback(null, true);
  } else {
    callback('Origin not allowed', false);
  }
});

const cors = require('cors');
app.use(cors());

Answers

Chosen as BEST ANSWER
- NewGodKirill
- April 10, 2024 at 1:07 pm
- 0 votes
0
In my situation, solution is in using different port:
```
server.listen(1111, (err) => {
    if (err) {
        throw Error(err);
    }
    console.log('Server started!');
});
```
And open this port in the setings of youe firewall.

(Edit)

As per doc io.origins is depreciated, so remove this

io.origins((origin, callback) => { // ❌
  if (origin === 'https://www.escootrent.com') { 
    callback(null, true);
  } else {
    callback('Origin not allowed', false);
  }
});

Change the initialisation to

const io = require('socket.io')(server,{ // ✅
  cors: {
    origin: "https://escootrent.com"
  }
});

Full code

const express = require('express');
const https = require('https');
const fs = require('fs');
const cors = require('cors');

const app = express();
app.use(cors());

const options = {
  key: fs.readFileSync('./_.escootrent.com_private_key.key'),
  cert: fs.readFileSync('./escootrent.com_ssl_certificate.cer')
};
const server = https.createServer(options, app);
    const io = require('socket.io')(server,{
  cors: {
    origin: "https://escootrent.com"
  }
});

app.get('/chats', function(req, res) {
    res.send('answ');
});

io.on('connection', socket => {
    console.log('User connected', socket.id);
})

io.on('disconnect', () => {
    console.log('User disconnected', socket.id);
});

server.listen(443, (err) => {
    if (err) {
        throw Error(err);
    }
    console.log('Server started!');
});

Please signup or login to give your own answer.

Click here to cancel reply.

Javascript – How to solve the problem with CORS policy

Answers