Socket.io gives CORS error even if I allowed cors it on server
Back in 2014 they added support for method as part of the origin parameter:
let socket = io(web_server, {
cors: {
origin: function(origin, fn) {
if(origin == 'http://example.com')
return fn(null, origin);
return fn('Error Invalid domain');
}
},
});
You can validate the domain with an external call, a database or an array...
The function fn execute the following logic:
function fn(err2, origin) {
if (err2 || !origin) {
next(err2);
} else {
corsOptions.origin = origin;
cors(corsOptions, req, res, next);
}
}
Ability to dynamically define CORS headers https://github.com/socketio/socket.io/issues/1772
While migrating to socket.io v3.0+, there is a migration change on how to setup CORS. https://socket.io/docs/v3/migrating-from-2-x-to-3-0/index.html#Configuration
Before socket.io v3.0:
const io = require("socket.io")(httpServer, {
origins: ["https://example.com"],
// optional, useful for custom headers
handlePreflightRequest: (req, res) => {
res.writeHead(200, {
"Access-Control-Allow-Origin": "https://example.com",
"Access-Control-Allow-Methods": "GET,POST",
"Access-Control-Allow-Headers": "my-custom-header",
"Access-Control-Allow-Credentials": true
});
res.end();
}
});
After socket.io v3.0:
const io = require("socket.io")(httpServer, {
cors: {
origin: "https://example.com",
methods: ["GET", "POST"],
allowedHeaders: ["my-custom-header"],
credentials: true
}
});
The function is supported on the origin parameter in v3.0 of socket.io
If running Express as follows:
var app = express();
var server = app.listen(3000);
So to start socket.io, we can do the following:
var io = require('socket.io').listen(server);
The problem was because of following code:
var http = require('http').Server(app);
var io = require('socket.io')(http);
The server object passed to socket.io was not the same as the server object I'm listening on.
The accepted answer is outdated
According to the official docs, you can add it to an existing http Server https://socket.io/docs/server-initialization/#Attached-to-an-existing-HTTP-server
const server = require('http').createServer();
const options = { /* ... */ };
const io = require('socket.io')(server, options);
io.on('connection', socket => { /* ... */ });
server.listen(3000);
to enable cors using this options object seemed to do the trick
options={
cors:true,
origins:["http://127.0.0.1:5347"],
}