Comments (6)
I don't have any specific reason for not using wildcards. I will switch to always using wildcards to fix your problem.
from cors-anywhere.
Also pushed to backends at
https://cors-anywhere.herokuapp.com/
https://cors-anywhere-eu.herokuapp.com/
from cors-anywhere.
Can you share a sample URL to reproduce your bug? I will try to pin down the issue and create a report at http://crbug.com/new. If the bug really exists, then it needs to be fixed.
from cors-anywhere.
Suweet. Thanks for the quick fix, it's now working!
Unfortunately [well for you/Chrome, not me ;-] this is a client app and the CORS stuff is only used within the admin section. (Basically using it to create thumbnails for hotlinked images people occasionally save.)
Sounds like the browser really should be re-validating its cache in this case? If it helps here's basically the outline of the code, note that this was a CORS image load rather than XHR2:
var img = new Image();
img.crossOrigin = 'anonymous';
img.src = prefixedURL;
img.onload = function () { /* …make thumbnail using canvas.getContext('2d')… */ };
img.onerror = function () { /* …bubble up an error message. */ };
Thanks again for the super-quick workaround, and please let me know if there's anything else I can help with on this issue!
from cors-anywhere.
Figured that the steps to reproduce the original bug is:
-
Start a (local) server that serves resources (e.g. images) with the following headers:
Access-Control-Allow-Origin: <Origin request header here> Cache-Control: max-age=3600
E.g.
require('http').createServer(function(req,res) { res.writeHead(200, { 'access-control-allow-origin': req.headers.origin, 'Cache-Control' : 'max-age=3600' // Cache for (e.g.) an hour }); res.end(); }).listen(1306);
-
Fetch the image once:
var img = new Image(); img.crossOrigin = 'anonymous'; img.src = 'http://localhost:1306';
-
Repeat the previous step, on a different origin.
-
Observe that the previous step failed, because the request was retrieved from cache.
The specification mentions the expected behavior for the preflight cache (though it's not implemented in Chrome - http://crbug.com/260239).
I don't see anything about the browser's cache in either of the standards though (http://www.w3.org/TR/cors/ and http://fetch.spec.whatwg.org/).
The bug occurs in Firefox 26 as well.
(reported bug at https://www.w3.org/Bugs/Public/show_bug.cgi?id=23653#c2)
from cors-anywhere.
In a future version you might want to support credentials for origins and/or destinations matching a configuration list/regex, so you will need to return exact origin in allow-origin.
A Vary: Origin header may better fix the original issue
from cors-anywhere.
Related Issues (20)
- Does not work in Deno (TypeError on every request) HOT 1
- 400 Bad Request HOT 1
- Update HTTP-Proxy to 1.18.1 to resolve https://github.com/advisories/GHSA-6x33-pw7p-hmpq HOT 1
- Redirects ruining GET parameters using axios HOT 2
- how to block specific final link not origin
- cors-anywhere doesn't work with youtube m3u8 files HOT 1
- Error creating app on Heroku website HOT 2
- API domain name resolution problem HOT 1
- performance problem, cors-anywhere doesn't use outbound HTTP keep-alive HOT 1
- s anywhere
- Question about whitelisting HOT 1
- getting an Uncaught (in promise) SyntaxError HOT 1
- Authorization error HOT 1
- Whitelisting subdomain doesn't work as expected
- see the CI test #271 #273
- cors anywhere not working on vercel HOT 1
- add option to add auth header for sites like reddit HOT 1
- Siteye kurulum
- live radio use case: Missing required request header. Must specify one of: origin,x-requested-with HOT 4
- Not found because of proxy error: AggregateError
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors-anywhere.