-1

I am running a express server just for routing purpose and client page is using axios to get the url. I have tried every possible solution i could find during this whole day, without success.

  • I understand if the request if not from the same domain, it is considered as CORS by the target server.
  • The response is then sent with a header that the request was originally from another domain.
  • The browser blocks the content and hence cannot be read as response through the response code block on the client page.

However, i can see the json page in the response by clicking on the response tab of the developer console.

Server Page

const express = require('express')
const cors = require('cors')
const app = express()

app.use(
   cors({
       credentials: true,
       origin: [
           'http://localhost:8080'           
       ]
   }),
)

app.options('*', cors());


app.use(express.static(__dirname + '/public'));

app.get('/', function (req, res) {      
   res.sendFile( __dirname + "/public/" + "index.html" );     

})

Client page

var nse = axios.create();
// delete nse.defaults.headers.common["Access-Control-Allow-Origin"];
//nse.defaults.headers.common['Access-Control-Allow-Origin']='http://localhost:8081';
// nse.defaults.headers.common['Access-Control-Allow-Methods']='POST, OPTIONS';
// nse.defaults.headers.common['Access-Control-Max-Age']= 86400;
// nse.defaults.headers.common['Access-Control-Allow-Headers']= 'Origin, Content-Type, Accept';

nse.get('https://www1.nseindia.com/live_market/dynaContent/live_watch/stock_watch/liveIndexWatchData.json'
,{ crossdomain: true })
   .then(resp => {         
       console.log("xxxxx");
      data = resp.data.data;      
        window.alert("hi");      
   })
   .catch(function (error) {
    if (error.response) {          
      console.log(error.response.data);
      console.log(error.response.status);              
        }
    });

I am getting the following error in the developer console on the firefox browser.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www1.nseindia.com/live_market/dynaContent/live_watch/stock_watch/liveIndexWatchData.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

I believe this one is tough nut to crack. Please help me to resolve this error so that i will be able to read the JSON response programatically.

pannet1
  • 1
  • 1
  • 3
  • Does this answer your question? [CORS header 'Access-Control-Allow-Origin' missing](https://stackoverflow.com/questions/31276220/cors-header-access-control-allow-origin-missing) – Josh Correia Mar 05 '21 at 23:34

2 Answers2

1

The server recognised the request, however it didn’t attach the Access-Control-Allow-Origin header to the response. The browser expects this, and because it isn’t there, the browser throws the error and prevents access to the response data (even though you can see it in the dev tools).

You need to configure CORS on your server to allow requests from the origin you’re sending the request from.

https://expressjs.com/en/resources/middleware/cors.html

Nick Dawes
  • 2,089
  • 1
  • 13
  • 20
  • Thanks Nick, The server (nseindia) recognised the request, however it did not attach the Access-Control headers to the response. The browser is blocking the JSON response because of this. I need to configure CORS on my server (localhost) to allow requests from the origin (localhost) i am sending the request from. Is my understanding correct. – pannet1 Sep 16 '20 at 20:28
  • Is nseindia a server which you control? nseindia is the server which needs to be configured to allow requests from different origins (localhost, in this case). If nseindia isn’t setup for this, the Access-Control-Allow-Origin header will never get attached to any response nseindia sends, and unfortunately your app will never be able to access the data. – Nick Dawes Sep 16 '20 at 20:45
  • Thanks Nick, yes nseindia is not my server. Meanwhile, I moved the axios code to my express routing localhost server and i got the output to the console (command shell). PS: I up-voted your reply but unfortunately, it does not get publicly displayed yet. – pannet1 Sep 16 '20 at 20:59
  • Sounds good, if you’re able to get the data without using a browser, you don’t need to worry about the browser blocking the response data :) – Nick Dawes Sep 16 '20 at 21:01
0

to someone who looking for express cors code

app.use(cors({
origin: [
    'https://www.nseindia.com' //nse url
],    
optionsSuccessStatus: 200
}))
ThisisFish
  • 416
  • 1
  • 6
  • 14