Suggest possible wrong Socket.IO URL instead of CORS error

[rauchg]

A lot of people seem to be mistaking the error No 'Access-Control-Allow-Origin' header is present on the requested resource for lack of CORS support in Socket.IO.

This seems to be due to usually trying to initialize a socket to the wrong URL. The URL exists and responds, but obviously it doesn't set CORS headers. And even if it did, it wouldn't be where the socket.io server is hosted.

Maybe we could console.warn in these situations to warn the developer about a potential URL error.

[Neumann-Valle]

+1

[morenoh149]

would be useful

[b4dnewz]

@rauchg can you explain a little bit the situation? I'm having this cors trouble and I can't find a solution to it.

I'm using express and socket.io, on express side I've cors package which enable cors for all domains, than on socketio i'm using the origin: '*:*' to do the same, but I still get the same CORS error.

The express/socket server is on a different subdomain than the client but all normal requests work pretty good but when it comes to socketio it doesn't set the headers.

Failed to load api.domain.com: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin app.domain.com is therefore not allowed access. The response had HTTP status code 503.

[rnnyrk]

Having the same issue, can't find a fix. anyone any idea?

[sugar258596]

There is still such a problem, and it seems that it has not been solved

[darrachequesne]

@sugar258596 the problem is that I don't think we can really tell a CORS issue from a network issue, since the preflight requests are automatically sent by the browser.

The XMLHttpRequest object does not give much information:

XMLHttpRequest {
  onabort: null
​  onerror: null
​  onload: null
​  onloadend: null
​  onloadstart: null
​  onprogress: null
​  ontimeout: null
​  readyState: 0
​  response: ""
​  responseText: ""
​  responseType: ""
​  responseURL: ""
​  responseXML: null
​  status: 0
​  statusText: ""
​  timeout: 0
​  withCredentials: false
}

status: 0 might mean different things:

• Illegal cross origin request
• Firewall block or filtering
• The request itself was cancelled in code
• An installed browser extension is mucking things up

See also: https://stackoverflow.com/questions/872206/what-does-it-mean-when-an-http-request-returns-status-code-0

Open to discuss about this though!