-
-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CORS-header ‘Access-Control-Allow-Origin’ missing (Nextcloud) #116
Comments
In dependencies it has I am running the project (with unmodified webpack config from vue-cli vue-init commands) using |
Please post the error message you're seeing. In the mean time, try adding the following in your webpack config: {
node: {
net: "empty"
}
} |
I set
I then tried adding your suggestion to the webpack config, got the same TypeError. Then I changed the webdav version back to 1.6.1, with the same webpack config and I am back to the CORS header missing error. |
When requiring webdav, make sure not to require the default. As you'll see here, Use this: |
That indeed solves the error, and now it is back to the CORS header missing. Could it be a server side problem in Nextcloud? Is there a simple axios command that could show whether the problem is in this git or actually somewhere else (either VueJS/Webpack or Nextcloud server then I would think). |
Progress, at least 😊 In the axios request docs it simply lists |
The request headers:
And the response headers:
I hope these are the headers you are looking for? Thanks in advance! |
Great! Thanks. I’ll sort through it tomorrow but I noticed that you have an open session. Could you try in a browser window (incognito perhaps) where you don’t have a session? I have a theory that the logged in session info breaks the WebDAV CORS functionality.
|
I tried to run it in incognito, but the headers look exactly the same, the only difference being the values for |
Would be great if we could sort out the problem! Thanks for your help in advance. |
We use the new version of webdav-client in the Buttercup browser extension (master), which I've tested recently to work with the Nextcloud demo site. I don't have a Nextcloud instance myself to test on (only ownCloud, which works fine). It's not exactly a simple example, but I transpile webdav-client there using Webpack and then use it in the browser to request contents from WebDAV sources such as Nextcloud, which doesn't fail to my recollection. The new version of this extension will be out soon so hopefully that'll confirm this.
Well that's a bit of a sweeping statement.. If it's an older webdav server they may not even use CORS headers, which means that there'd be no problem. If the server is new enough to implement CORS, it's definitely then possible that this client would break when in-browser. I've seen previously that a transpiled That being said, I could be wrong on this completely due to the fact that I'm not currently testing against a live instance (relying on demo, like I said).
I've made no alterations to any webdav service to bypass CORS.
VueJS is just a UI framework.. I can't see how it'd affect network requests.
Unfortunately I don't have a simple setup I test besides the use I have for it in the Buttercup project. I regularly test it in that context as a transpiled library (using babel and webpack), and it's worked fine so far. Definitely hope we can find the solution to your issue. I plan to release the new major version of this shortly so let's see if we can't find a way around it. |
The way I understand CORS at this point, is that it is a limitation imposed by browsers on the running webpage / web application. The remote server has to respond explicitly with a CORS header (Access-Control-Allow-.......), otherwise the request is not passed to the client code. Since older or simpler webdav servers would not know about the CORS headers, requests to these servers will always be limited by the browser. As soon as the code is not running inside a webpage, the requests are not limited by CORS anymore, so a browser extension should indeed be able to access cross origin sources. |
Yeah, I get how CORS works on a basic level but I haven't delved in to all of the different ways of authenticating against it. I work with it a bit in my job but it's use within Buttercup+WebDAV has been a bit mysterious. It was previously working with Nextcloud (in the last several months) but as of today I've not been able to get it working on a demo instance. Seems that it's no longer working (their headers look very strict). Unfortunately if the Nextcloud developers are going to restrict it like this and provide no workaround, there's not going to be much we can do.. 😕 |
I do have exactly the same issue. I am trying to make a Webdav Request to next cloud from a react app. (so Node.js). My Error message is: it happens at this Code: in my Webpack config file, I have added the following:
|
These
Aha, so it probably has changed on the nextcloud side after an update then unfortunately. |
I'll close this as it's not really related to this project. I've added a notice for CORS issues. |
So I actually managed to get this stuff working. When setting up the whole stuff it is very important to configure the .htaccess file of the hosting. You will see a line with the following text: "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####". All the changes below are the changes I made above that line. The main thing you have to do is edit:
As you see here you can replace the part with your own website (and add additional websites by using | as a seperator):
I have added localhost:8080 as I am working with Vue on my website. This is highly discouraged and should be removed once the website is deployed. Now follow the tutorial as given on the README: In case you are getting a PROPFIND 405 error, this is most likely the solution:
It could be that I forgot a few changes in the .htaccess file, so in case it does not work out and you are still getting CORS errors just ping me. |
This should have nothing to do with CORS, as these paths are appended to the host passed in during the factory creation.. The two examples you gave are not equivalent. The host should include the |
Just tried to follow the guide in the readme.md to connect to a nextcloud server. The code is
But when it executes the console reports 'CORS-header ‘Access-Control-Allow-Origin’ missing'.
More information: using a standard empty VueJS project template with webdav version 1.6.1, on http://localhost:8080 and the nextcloud server is a remote server. Not sure if this is expected behaviour or not, since the example in the readme.md is doing exactly the same.
The text was updated successfully, but these errors were encountered: