I have set up a node server with socket io turning and trying to connect to it through another server. However some browsers on different computers give me this error and makes it reconnect the whole time:
XMLHttpRequest cannot load :3000/socket.io/?EIO=3&transport=polling&t=Lo_SdiU. The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin '' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
my js config:
var port = 3000;
var fs = require('fs');
var https = require('https');
var express = require('express');
var app = express();
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/devpeter/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/devpeter/fullchain.pem')
};
var server = https.createServer(options, app);
var io = require('socket.io')(server);
io.origins(':* .php:*');
// start of server
server.listen(port, function(){
console.log('listening on *: '+ port + "\n");
});
I am using node 8.0 and socket io 2.2, Your help will be greatly appreciated.
EDIT: here is the client code:
<script src=":3000/socket.io/socket.io.js"></script>
<script>
var socket = io(':3000');
</script>
I have set up a node server with socket io turning and trying to connect to it through another server. However some browsers on different computers give me this error and makes it reconnect the whole time:
XMLHttpRequest cannot load https://serverDomain.net:3000/socket.io/?EIO=3&transport=polling&t=Lo_SdiU. The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'https://www.differentServerDomain.fr' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
my js config:
var port = 3000;
var fs = require('fs');
var https = require('https');
var express = require('express');
var app = express();
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/devpeter.net/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/devpeter.net/fullchain.pem')
};
var server = https.createServer(options, app);
var io = require('socket.io')(server);
io.origins('https://www.differentServerDomain.fr:* https://www.differentServerDomain.fr/wp-admin/index.php:*');
// start of server
server.listen(port, function(){
console.log('listening on *: '+ port + "\n");
});
I am using node 8.0 and socket io 2.2, Your help will be greatly appreciated.
EDIT: here is the client code:
<script src="https://serverDomain.net:3000/socket.io/socket.io.js"></script>
<script>
var socket = io('https://serverDomain.net:3000');
</script>
10 Answers
Reset to default 134I have found a solution. for some reason the default transportation method is not always allowed by all servers.
So i specified a neutral transportation method at the client side, like this:
var socket = io('https://yourDomain:3000', { transports : ['websocket'] });
This worked for me
var socket = io('http://yourDomain:port', { transports: ['websocket', 'polling', 'flashsocket'] });
For users of Socekt io v3
You need to use option credentials in cors options of server config.
Example:
const io = require('socket.io')(strapi.server, {
cors: {
origin: "http://localhost:3000",
credentials: true
}
});
Docs:
https://expressjs.com/en/resources/middleware/cors.html https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
Related topic:
Socket.io + Node.js Cross-Origin Request Blocked
Migration guide
https://socket.io/docs/v3/migrating-from-2-x-to-3-0/index.html#CORS-handling
In Client code add this, I got error "NO Access-Control-Allow-Origin' header is present". so added this on client side.
var connectionOptions = {
"force new connection" : true,
"reconnectionAttempts": "Infinity",
"timeout" : 10000,
"transports" : ["websocket"]
};
this.socket = io.connect('http://localhost:5000',connectionOptions);I recently faced the same issue and the solution that worked for me was the following:
//in the React project install socket.io-client and then
import io from 'socket.io-client'
var socket = io('http://localhost:<your_port_number>', {transports: ['websocket', 'polling', 'flashsocket']});
Try this, it worked for me:
const io = require("socket.io")(httpServer, {
cors: {
origin: "http://localhost:8080",
methods: ["GET", "POST"]
}
});
Specify the following on the client-side.
const socket = io('https://yourDomain:3000', { transports: ['websocket'] });
instead of const socket = io('https://yourDomain:3000');
Hope this modification will help you.
var port = 3000;
var fs = require('fs');
var https = require('https');
var express = require('express');
var app = express();
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "https://www.differentServerDomain.fr https://www.differentServerDomain.fr");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/devpeter.net/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/devpeter.net/fullchain.pem')
};
var server = https.createServer(options, app);
var io = require('socket.io')(server);
// start of server
server.listen(port, function(){
console.log('listening on *: '+ port + "\n");
});
Also please check server-side log having this msg "info - unhandled socket.io url" or not. if shown, please upgrade your socket.io version to 1.0+. I solved it by this approach.
npm install [email protected]
or change package.json like that:
"dependencies": {
"socket.io": "^1.0"
}
Adding below parameters resolved the CORS issue in client socket connection in reactjs.
{ transports : ['websocket'] }
import socketIOClient from 'socket.io-client';
const socket = socketIOClient('http://localhost:5000', { transports : ['websocket'] });
socket.on('connect', () => {
console.log('Connected to server');
});