Fetch: response headers incomplete in the CORS request.

Created on 23 Sep 2016  路  4Comments  路  Source: github/fetch

hi, example:

fetch('https://registry.npm.taobao.org')
    .then((response) => {
        response.headers.forEach((val, key) => {
            console.log(key, val)
    })
})

output:

content-type application/json; charset=utf-8

but see the response information:

Access-Control-Allow-Origin:http://localhost:8080

Connection:keep-alive

Content-Length:776

Content-Type:application/json; charset=utf-8

Date:Fri, 23 Sep 2016 14:57:34 GMT

ETag:"308-KTjgFOxcNZRPaaFF01sFMw"

X-Current-Requests:1

X-ReadTime:1456

Why can't obtain other header information?

Most helpful comment

See the Access-Control-Expose-Headers description in this CORS tutorial.

All 4 comments

I'm guessing that the registry.npm.taobao.org response must explicitly allow the requester to read the headers via some CORS settings. When I manually hit registry.npm.taobao.org, I don't see any CORS headers being set.

Thanks! I find this is just one example of the URL, I tested locally, the server completes the CORS agreement and can normally obtain data.

When implementing jwt trying to get Authorization, but the findings are not obtained.

example:

Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:8080
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hcGkuY2xpZW50LmJlaWtyLm5ldFwvYXBpXC91c2VyIiwiaWF0IjoxNDc0NjQ1NTM5LCJleHAiOjE0NzQ2NDkxMzksIm5iZiI6MTQ3NDY0NTUzOSwianRpIjoiODA3ODFhYTYyZTJmMTczMGFjMzMxNGRmNDJkMzY3OTciLCJzdWIiOjF9.ixoOlBFLlJ0-TSu86O_zpsNf_xP3b7Nx6d5tU6mhQjY
Cache-Control:no-cache
Connection:close
Content-Length:259
Content-Type:application/json
Date:Fri, 23 Sep 2016 15:45:39 GMT
Server:Apache/2.4.18 (Unix) OpenSSL/1.0.2h PHP/7.0.8 mod_perl/2.0.8-dev Perl/v5.16.3
Vary:Authorization,Origin
X-Powered-By:PHP/7.0.8

I did a full example:

fetch('https://api-demo.websanova.com/')
  .then((response) => { 
    response.json().then((json) => {
      console.log(json)
    })

    response.headers.forEach((val, key) => {
      console.log(key, val)
    })
  })

Data can be acquired, but the header is not acquired.

See the Access-Control-Expose-Headers description in this CORS tutorial.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

ccorcos picture ccorcos  路  3Comments

naivefun picture naivefun  路  3Comments

codeashian picture codeashian  路  3Comments

javan picture javan  路  3Comments

karladler picture karladler  路  4Comments