Standard HTTP request header, part of the "Fetch metadata headers". Informs the server about the context in which the request has been sent (the possible values are: "cors", "navigate", "no-cors", "same-origin", and "websocket")
Questions tagged [sec-fetch-mode]
7 questions
33
votes
0 answers
Sec-Fetch-Mode and blocked CORS
So I have the same website making the same request to the same server on (1) Chrome 76 and (2) Chrome 77 from different networks and computers.
One request has (1) Sec-Fetch-Mode: no-cors, Sec-Fetch-Site: cross-site and the other one (2)…
Benjamin E.
- 5,042
- 5
- 38
- 65
24
votes
2 answers
Sec-Fetch-Mode instead of Preflight
I created login FE and finished it.
And as per usual my goto for ajax was Axios. My code is as follows.
const baseUrl = http://localhost:5000/project/us-central1/api
Axios.post(
`${baseUrl}/v1/user/login`,
{ ...data },
{
headers: {
…
Reyn
- 757
- 1
- 5
- 16
6
votes
1 answer
How http request with "Sec-Fetch-Mode: no-cors" in Blazor Webassembly
How is it possible to make a request by HttpClient with the HTTP request header Sec-Fetch-Mode: no-cors in Blazor Webassembly?
My actuel code is :
var hc = new HttpClient();
var responseHTTP = await…
Fabianus
- 633
- 7
- 16
1
vote
1 answer
Sec-Fetch-Mode, Sec-Fetch-Dest, Sec-Fetch-Site in request header creating CORS issue
On the backend endpoint that I am requesting from my website using axios, most of the browsers do not have "sec-fetch-mode" and "sec-fetch-site" set on the request headers and they seem to work fine.
However, few browsers set the headers…
Bukks
- 408
- 7
- 16
0
votes
0 answers
an unexpected request with sec-fetch-mode: none, who triggered it?
I send a request ONLY ONCE in the browser but got 2 requests logged in the server. One of them is not expected and I wonder which mechanism triggered it.
The details
Only under Chrome (see the HTTP header for version). Safari does not trigger…
addlistener
- 871
- 1
- 12
- 20
0
votes
1 answer
Sec-Fetch-Site: cross-site but it’s the same site
I have two demo apps on Heroku, let’s call them a.herokuapp.com (website) and b.herokuapp.com (CDN).
When visiting a.herokuapp.com in a browser, request is made for content (media) stored on b.herokuapp.com. This, by definition, should be a request…
s_joe77
- 19
- 5
0
votes
1 answer
request() empty in Laravel
I have a simple Laravel application, in which a third party is redirecting to a route from an external source.
This external site hits a very simple logout controller at /saml/logout
Jesse Luke Orange
- 1,949
- 3
- 29
- 71