All geek questions in one place

Get the answer empty due to pre-flight?

I have webapp react.js / redux / webpackt / es6 ... and api in go with gorilla flour.
When I make a call with the function below, my title is empty and the contents are empty too.

I use this package in my webapp to make calls

"isomorphic-fetch": "^2.2.1",

My call example

 export function Login(userData) { return dispatch => { fetch(API + '/login', { method: 'post', headers: { 'Accept': 'application/json', 'Content-Type': 'application/json', }, body: JSON.stringify({ email: userData.email, password: userData.password, }), }) .then(response => { console.log(response); console.log(response.statusText); console.log(response.status); console.log(response.headers); console.log(response.headers.get("Authorization")); console.log(response.json()); return response.json() if (response.status >= 200 && response.status < 300) { console.log(response); dispatch(LoginSuccess(response)); } else { const error = new Error(response.statusText); error.response = response; dispatch(LoginError(error)); throw error; } }).then(function(json) { console.log('parsed json' + json) }) .catch(error => { console.log('request failed', error); }); }

In the beginning, I had a problem with cors. How to handle CORS preview requests on the Go server. I used this solution

We can see the call inside the console:

 login OPTIONS 200 fetch auths.actions.js:38 352 B 1 ms login POST 200 json Other 567 B 82 ms

When I look in my POST header response, I have:

 HTTP/1.1 200 OK Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE Access-Control-Allow-Origin: http://localhost:3000 Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0NTQ3NTcxNjEsInVzZXJfaWQiOiI1NmI1YjZlOTFhZTMzYjAwMDFhYmE1MTQifQ.WGoTMxm6OuN24Olwr93J3pND9dFLCtG5MyiRbqLWeD244JtDzq0bGgQMixeZxyuxwGK3u8KhyWD7Rr6iZAGNpA Content-Type: application/json Date: Sat, 06 Feb 2016 11:12:41 GMT Content-Length: 2

So, is the answer processing my pre-flight information, not my POST? Since there is nothing inside response.headers and response.headers.get("Authorization") is there something wrong?

+5
source share
1 answer

I had a problem that my headers were sent, received correctly (the chrome network tab correctly shows me all sent headers), but I could not access them in js ( response.headers was empty). As described in Fetch, get request returns empty headers , this happened because the server did not set the Access-Control-Expose-Headers header, as a result of which the necessary headers will not be displayed in js. So the solution is to add this header to the server and voilà, now the headers are available in js:

 Access-Control-Expose-Headers: <header-name>, <header-name>, ...

The header accepts a comma-separated list of header names that should be displayed in the browser.

For more information on why this header is needed, see Why do I need Access-Control-Expose headers?

+8
source

Source: https://habr.com/ru/post/1242432/

More articles:


All Articles