Graphql-playground: Cannot get schema due to Apollo-Tracing header

Created on 14 Jan 2018 · 10 Comments · Source: graphql/graphql-playground

This issue pertains to the following package(s):

  • [X] GraphQL Playground Express Middleware

What version of graphql-playground(-electron/-middleware) are you experiencing the issue(s) on?

1.4.9

I'm unable to fetch the schema for my endpoint, because of the X-Apollo header that the playground adds. It should not be added to the options request (somehow). Executing queries works.

Failed to load https://api.deutschebahn.com/free1bahnql/v1/graphql: Request header field X-Apollo-Tracing is not allowed by Access-Control-Allow-Headers in preflight response.


All 10 comments

It works successfully when I use graphql playground, which uses requestProxy.

What happens is this: the pre-flight request returns 200, which is fine. It contains Access-Control-Allowed-Headers, and x-apollo-tracing isn't one of them.

This means that the actual request should _not_ include that header.

Just tested it. This works in the electron version (no error there, schema available right away).

Fixed in the latest version. Please let us know if you still have that issue, then we reopen it!

I'm also seeing this issue on 1.7.4

This is still an issue on Graphqlbin. If you don't allow the X-Apollo-Tracing via CORS, you get an endless loop of failing schema requests and the Playground showing "Failed to fetch schema. Please check your connection".

Yeah this issue needs to be re-opened

Still an issue for me

The issue is still present as GraphQLBin.com requires us to add the X-Apollo-Tracing header as part of the array of Access-Control-Allow-Headers.

For all experiencing the issue, just add X-Apollo-Tracing to Access-Control-Allow-Headers. For example, for AWS API Gateway the result would be:

const apiGatewayDefaultHeaders = `Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent`
const headersForPlaygroundToWork = `X-Apollo-Tracing`

const headers = {
  "Access-Control-Allow-Origin": "*", // Required for CORS support to work
  "Access-Control-Allow-Headers": `${apiGatewayDefaultHeaders},${headersForPlaygroundToWork}`,
  "Access-Control-Allow-Credentials": true, // Required for cookies, authorization headers with HTTPS
}
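
The preflight check discussed in this thread, as an added example that is not code from the thread or from graphql-playground: it emulates the browser's comparison of requested headers against Access-Control-Allow-Headers, and builds a per-origin allow list so X-Apollo-Tracing is only accepted from tooling origins. The origin values and the function names `rejectedHeaders` and `corsHeadersFor` are assumptions made for illustration.

```javascript
// Added example. The origins below are constructed placeholders, not values from the thread.
const PLAYGROUND_ORIGINS = new Set(["https://playground.example"]); // assumed tooling origins
const APP_ORIGINS = new Set(["https://app.example"]);               // assumed production origins

// API Gateway default header list quoted in the thread.
const BASE_HEADERS = ["Content-Type", "X-Amz-Date", "Authorization", "X-Api-Key",
  "X-Amz-Security-Token", "X-Amz-User-Agent"];

// Split a comma-separated header value into lowercase names.
const splitList = (value) =>
  (value || "").split(",").map((h) => h.trim().toLowerCase()).filter(Boolean);

// Emulates the browser's preflight check: every name in Access-Control-Request-Headers
// must appear (case-insensitively) in Access-Control-Allow-Headers.
// Returns the names that would make the browser block the actual request.
function rejectedHeaders(requestHeaders, allowHeaders) {
  const allowed = new Set(splitList(allowHeaders));
  return splitList(requestHeaders).filter((name) => !allowed.has(name));
}

// Builds preflight response headers for one request origin.
// Unknown origins get no CORS headers at all; X-Apollo-Tracing is allowed only
// for the playground origins, so production clients keep the narrower list.
function corsHeadersFor(origin) {
  const isPlayground = PLAYGROUND_ORIGINS.has(origin);
  if (!isPlayground && !APP_ORIGINS.has(origin)) return {};
  const allow = isPlayground ? [...BASE_HEADERS, "X-Apollo-Tracing"] : BASE_HEADERS;
  return {
    // A specific origin, because browsers reject "*" on credentialed requests.
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Headers": allow.join(","),
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin", // the response differs per origin, so caches must key on it
  };
}

// Constructed preflight value: what a browser sends before the playground's schema request.
const preflight = "content-type,x-apollo-tracing";
const appResp = corsHeadersFor("https://app.example");
const pgResp = corsHeadersFor("https://playground.example");
console.log(rejectedHeaders(preflight, appResp["Access-Control-Allow-Headers"]));
console.log(rejectedHeaders(preflight, pgResp["Access-Control-Allow-Headers"]));
console.log(corsHeadersFor("https://unknown.example"));
```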

Would be great for a way to disable tracing for those that don't want to add this allowed header to their API.
