Uncaught (in promise) TypeError: Failed to fetch and Cors error

Asked 12/3, 2017 at 23:21 Answered 2/3 at 20:53

having a problem with getting data back from database. I am trying my best to explain the problem.

1.If I leave "mode":"no-cors" inside the code below, then I can get data back from server with Postman, but not with from my own server. Thinking it has to be my client side error

When I remove "mode":"no-cors" then I am getting 2 errors: -Fetch API cannot load http://localhost:3000/. Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response. -Uncaught (in promise) TypeError: Failed to fetch

Quick Browsing suggested to put in the "mode":"no-cors" which fixed this error, but it does not feel right thing to do.

So I thought maybe somebody has a suggestion how to approach this problem.

Really hope I was clear enough, but pretty sure I am not giving clear explanation here :S

function send(){
    var myVar = {"id" : 1};
    console.log("tuleb siia", document.getElementById('saada').value);
    fetch("http://localhost:3000", {
        method: "POST",
        headers: {
            "Access-Control-Allow-Origin": "*",
            "Content-Type": "text/plain"
        },//"mode" : "no-cors",
        body: JSON.stringify(myVar)
        //body: {"id" : document.getElementById('saada').value}
    }).then(function(muutuja){

        document.getElementById('väljund').innerHTML = JSON.stringify(muutuja);
    });
}

Vivisectionist answered 12/3, 2017 at 23:21 Comment(5)

mode: no-cors would guarantee no access to response. Also, you're using fetch wrong ... in your code, the argument muutuja is a Response object, to get json, you'd need to return muutuja.json() and in the next then, the argument will be the data you want – Amphetamine 12/3, 2017 at 23:32

simple answer with CORS ... the server needs to allow access to its resources, so the server needs to issue CORS headers as appropriate - so the "Access-Control-Allow-Origin": "*" in the request is pointless (and will trigger a preflight request to add to the complication) - if CORS were able to be "bypassed" by the client, then CORS would be 100% pointless – Amphetamine 12/3, 2017 at 23:35

I will see if I manage to do fetch properly @JaromandaX doing this all locally Having that in my server's js code res.header('Access-Control-Allow-Origin', '*'); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS'); res.header('Access-Control-Allow-Headers', 'Content-Type'); – Vivisectionist 12/3, 2017 at 23:36

oh, so you do issue CORS response headers ... does your server handle the OPTIONS pre-flight that you trigger by adding a "non standard" header? I think all your problems will go away if you remove the access-control header from the request and don't add mode: 'no-cors' to the request – Amphetamine 12/3, 2017 at 23:37

@JaromandaX IT worked!!! I did remove the access-control from the send() and also removed mode:'no-cors' Seems like this works well now – Vivisectionist 12/3, 2017 at 23:44

Adding mode:'no-cors' to the request header guarantees that no response will be available in the response

Adding a "non standard" header, line 'access-control-allow-origin' will trigger a OPTIONS preflight request, which your server must handle correctly in order for the POST request to even be sent

You're also doing fetch wrong ... fetch returns a "promise" for a Response object which has promise creators for json, text, etc. depending on the content type...

In short, if your server side handles CORS correctly (which from your comment suggests it does) the following should work

function send(){
    var myVar = {"id" : 1};
    console.log("tuleb siia", document.getElementById('saada').value);
    fetch("http://localhost:3000", {
        method: "POST",
        headers: {
            "Content-Type": "text/plain"
        },
        body: JSON.stringify(myVar)
    }).then(function(response) {
        return response.json();
    }).then(function(muutuja){
        document.getElementById('väljund').innerHTML = JSON.stringify(muutuja);
    });
}

however, since your code isn't really interested in JSON (it stringifies the object after all) - it's simpler to do

function send(){
    var myVar = {"id" : 1};
    console.log("tuleb siia", document.getElementById('saada').value);
    fetch("http://localhost:3000", {
        method: "POST",
        headers: {
            "Content-Type": "text/plain"
        },
        body: JSON.stringify(myVar)
    }).then(function(response) {
        return response.text();
    }).then(function(muutuja){
        document.getElementById('väljund').innerHTML = muutuja;
    });
}

Amphetamine answered 12/3, 2017 at 23:43 Comment(0)

In my case, the problem was the protocol. I was trying to call a script url with http instead of https.

Bungle answered 11/4, 2019 at 16:49 Comment(0)

try this

 await fetch(url, {
      mode: 'no-cors'
 })

Joachima answered 19/5, 2021 at 18:35 Comment(2)

While this code may answer the question, providing additional context regarding how and/or why it solves the problem would improve the answer's long-term value. – Flynt 19/5, 2021 at 21:6

this works, but what does it actually prevent or would this cause further issues for your app by using this code? – Estreat 16/5, 2022 at 18:44

See mozilla.org's write-up on how CORS works.

You'll need your server to send back the proper response headers, something like:

Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Bear in mind you can use "*" for Access-Control-Allow-Origin that will only work if you're trying to pass Authentication data. In that case, you need to explicitly list the origin domains you want to allow. To allow multiple domains, see this post

Transcalent answered 16/1, 2018 at 18:42 Comment(0)

I was getting this error and realized my server.js wasn't running.

Contortionist answered 21/7, 2022 at 0:25 Comment(0)

you can use solutions without adding "Access-Control-Allow-Origin": "*", if your server is already using Proxy gateway this issue will not happen because the front and backend will be route in the same IP and port in client side but for development, you need one of this three solution if you don't need extra code 1- simulate the real environment by using a proxy server and configure the front and backend in the same port

2- if you using Chrome you can use the extension called Allow-Control-Allow-Origin: * it will help you to avoid this problem

3- you can use the code but some browsers versions may not support that so try to use one of the previous solutions

the best solution is using a proxy like ngnix its easy to configure and it will simulate the real situation of the production deployment

Meyers answered 26/4, 2018 at 11:58 Comment(0)

Sometimes, please check your port number. If localhost port number is mismatch, you will get the same error as well.

Unidirectional answered 4/4, 2022 at 23:27 Comment(0)

In your backend-server go to main.ts or any main file and add this:

app.enableCors({
  origin: '*',
});

Just before:

await app.listen(YOUR_PORT)

It will surely solve this error.

Suffragette answered 17/2 at 6:57 Comment(0)

Maybe just try switching the http with https or vice-versa. This worked for me!

Cassy answered 2/3 at 20:53 Comment(1)

Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center. – Brubaker 3/3 at 8:55

Recommended topics

Hot tags