How does stackoverflow set origin: null in http requests

Asked Aug 04 '21 at 09:56

Active Aug 04 '21 at 10:10

Viewed 51 times

const url = 'https://nettle-feather-area.glitch.me/'
const opts = {
    headers: {
        'Content-Type': 'application/json', 
        'authorization': 'asdf',
        'x-custom-header': 'asdf',
    },
    method: 'POST',
    credentials:"include",
    body: JSON.stringify({ message: 'ping' }),
}
fetch(url,opts);

I can see that stackoverflow somehow manages to set origin to null in this request, how does it do that? Would expect origin to be https://stackoverflow.com or as commenters have mentioned maybe stacksnippets.net. Anything but null!

Is it something to do with iframes?

edited Aug 04 '21 at 10:10

asked Aug 04 '21 at 09:56

david_adler

9,690
6
57
97

1

Why should it be `stackoverflow.com`? The snippet is executed on `stacksnippets.net` – Andreas Aug 04 '21 at 09:57
yes, it's `stacksnippets.net` - I wonder if it has something to do with it being in an iframe - because stacksnippets not in an iframe don't do that – Bravo Aug 04 '21 at 10:06
yeah okay should be stacksnippets.net anything but null!! – david_adler Aug 04 '21 at 10:09
yep that looks to be it! – david_adler Aug 04 '21 at 11:16

How does stackoverflow set origin: null in http requests

0 Answers0