chrome not sending preflight, firefox seems to be working #226
Description
I'm connecting to an ESP32 running espasyncwebserver. I want to serve my react app via amazon S3. After battling much I've managed to get firefox working but chrome refuses to send the preflight.
my react is something like this
var headers = {
headers: {
'Access-Control-Request-Private-Network': 'true',
'Access-Control-Request-Origin': '*',
'Access-Control-Request-Method': 'GET',
'Access-Control-Request-Headers': '*'
}
}
var url = "http://"+ cookies.ip_or_hostname+ "/events"
var source = new EventSourcePolyfill(url,headers);
my esp32 is something like this
ws.onEvent(onWsEvent);
server.on("/events",HTTP_OPTIONS,[](AsyncWebServerRequest * request) {
printf("got preflight");
int headers = request->headers();
int i;
for(i=0;i<headers;i++){
AsyncWebHeader* h = request->getHeader(i);
Serial.printf("HEADER[%s]: %s\n", h->name().c_str(), h->value().c_str());
}
request->send(200, "text/plain", "Post route");
});
server.addHandler(&ws);
server.addHandler(&events);
DefaultHeaders::Instance().addHeader("Access-Control-Allow-Origin", "*");
DefaultHeaders::Instance().addHeader("Access-Control-Allow-Headers", "*");
DefaultHeaders::Instance().addHeader("Access-Control-Allow-Method", "*");
DefaultHeaders::Instance().addHeader("Access-Control-Allow-Private-Network", "true");
server.begin();
...
same code in firefox is working great
and here are the headers
chrome doesn't even show any headers, and my esp32 never see's a OPTIONS request. it seems to be blocked in chrome before it can be sent
the console log in chrome says:
index-cors2.html?ip=192.168.1.87:2 setting up websocket ws://192.168.1.87/els
index-cors2.html:1 Access to fetch at 'http://192.168.1.87/events' from origin 'http://espels.s3.us-west-2.amazonaws.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.
index-cors2.html?ip=192.168.1.87:2
index-cors2.html?ip=192.168.1.87:2 TypeError: Failed to fetch
at N.open (index-cors2.html?ip=192.168.1.87:2:6507)
at Z (index-cors2.html?ip=192.168.1.87:2:11010)
at index-cors2.html?ip=192.168.1.87:2:10266
Y @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
Promise.then (async)
N.open @ index-cors2.html?ip=192.168.1.87:2
Z @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
setTimeout (async)
Y @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
Promise.then (async)
N.open @ index-cors2.html?ip=192.168.1.87:2
Z @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
setTimeout (async)
Y @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
Promise.then (async)
N.open @ index-cors2.html?ip=192.168.1.87:2
Z @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
q @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
os @ index-cors2.html?ip=192.168.1.87:2
Sc @ index-cors2.html?ip=192.168.1.87:2
cc @ index-cors2.html?ip=192.168.1.87:2
Vo @ index-cors2.html?ip=192.168.1.87:2
(anonymous) @ index-cors2.html?ip=192.168.1.87:2
kc @ index-cors2.html?ip=192.168.1.87:2
ac @ index-cors2.html?ip=192.168.1.87:2
k @ index-cors2.html?ip=192.168.1.87:2
P @ index-cors2.html?ip=192.168.1.87:2
index-cors2.html:1 Access to fetch at 'http://192.168.1.87/events' from origin 'http://espels.s3.us-west-2.amazonaws.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.
index-cors2.html?ip=192.168.1.87:2
GET http://192.168.1.87/events net::ERR_FAILED
at a complete loss as how to trouble shoot this.
I can share the fulll sources but I need to deal with some git issues right now. let me know if you need more source.