Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to deal with Cross Origin issue with nodejs / sse module #2

Open
ghost opened this issue Aug 9, 2012 · 5 comments
Open

How to deal with Cross Origin issue with nodejs / sse module #2

ghost opened this issue Aug 9, 2012 · 5 comments

Comments

@ghost
Copy link

ghost commented Aug 9, 2012

How do I handle on the server side the cross origin issue which triggers on the client the following error?

Uncaught Error: SECURITY_ERR: DOM Exception 18

Thanks.
@einaros
Copy link
Owner

einaros commented Aug 10, 2012

It'll have to be extended to support the passing of the Access-Control-Allow-Origin header. Should be a pretty quick fix.

That said I am not entirely sure about the state of CORS for SSE in browsers. When I last dug into it, the support was sketchy, but from a quick Google search it seems better now.

@ghost
Copy link
Author

ghost commented Aug 10, 2012

Thanks for the response. I am a bit new to nodejs and especially to npm modules management tool. I have installed the sse module through npm. This is where the module files has been placed:

/usr/share/npm/node_modules/sse/lib $ ls -l
total 8
1155 Aug 10 09:32 sseclient.js
1404 Aug 10 09:34 sse.js

I modified directly the code of sse.js by changing the handleRequest function when it writes the header:

SSE.prototype.handleRequest = function(req, res) {
req.socket.setNoDelay(true);
var isLegacy = req.headers['user-agent'] && (/^Opera[^\/]/9/).test(req.headers['user-agent']);
if (isLegacy) {
res.writeHead(200, {'Content-Type': 'text/x-dom-event-stream'});
}
else res.writeHead(200, {'Content-Type': 'text/event-stream',
'Access-Control-Allow-Origin' : ''});
console.log("{Setting the headers");
res.write(':ok\n\n');
this.emit('connection', new SSEClient(req, res, isLegacy));
}

However I don't see the log to console (to make sure it is actually executing this code) and of course the cross origin issue still shows up. So I am not sure if it is correct to modify the file directly installed on the node_modules/sse/lib directory or if the way I changed the code is not correct. Any suggestion ?

Thanks

@ghost
Copy link
Author

ghost commented Aug 10, 2012

I also did a locate of sse.js to see all the possible places where npm would place a module files:

locate sse.js
/home/diegosacc/.npm/sse/0.0.3/package/lib/sse.js
/usr/share/npm/node_modules/sse/lib/sse.js

so I went ahead to make the same changes on /home/diegosacc/.npm/sse/0.0.3/package/lib/sse.js but still I don't see the log "Setting Headers". This tell me the sse.js files I changed are not the one picked up at runtime.

@dman777
Copy link

dman777 commented Nov 30, 2013

Hi, looking to use this. Has this issue been resolved?

@capJavert
Copy link

I used patch-package to modify source of this package and add CORS header.

This will add wildcard CORS header (be aware that all origins will be allowed):

diff --git a/node_modules/sse/lib/sseclient.js b/node_modules/sse/lib/sseclient.js
index 06c2c5e..b918ba9 100644
--- a/node_modules/sse/lib/sseclient.js
+++ b/node_modules/sse/lib/sseclient.js
@@ -19,7 +19,8 @@ SSEClient.prototype.initialize = function() {
   this.res.writeHead(200, {
     'Content-Type': 'text/event-stream',
     'Cache-Control': 'no-cache, no-transform',
-    'Connection': 'keep-alive'
+    'Connection': 'keep-alive',
+    'Access-Control-Allow-Origin': '*'
   });
   this.res.write(':ok\n\n');
 };

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@einaros @dman777 @capJavert