Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix "Refused to set unsafe header" in browser by using message-headers to omit standard HTTP RFC headers from being set? #1420

Open
niftylettuce opened this issue Sep 28, 2018 · 0 comments
Open

Fix "Refused to set unsafe header" in browser by using message-headers to omit standard HTTP RFC headers from being set? #1420

niftylettuce opened this issue Sep 28, 2018 · 0 comments

Comments

@niftylettuce
Copy link
Collaborator

I have created a package message-headers at https://github.com/niftylettuce/message-headers#message-headers that supplies us with standard headers that superagent should not modify if we are in window (browser) environments. Users experience errors like this https://stackoverflow.com/questions/50364832/refused-to-set-unsafe-header-access-control-request-headers-angular-4/50366340 if they attempt to set standard headers that the browser itself is setting.
Perhaps if one of the messageHeader.standard headers is passed, we should omit it (e.g. using a similar approach to Lodash's omit method).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@niftylettuce