5

I'm building a SignUp form and have the following API call to POST the form:

const request = new Request('http://localhost:4300/auth/', {
 method: 'POST',
 headers: new Headers({
   'Accept'       : 'application/json',
   'Content-Type' : 'application/json',
 }),
 body: JSON.stringify({ user: data })
});

fetch(request).then(response => {
    console.log(response);
    const auth = response.headers.get('Authorization');
    console.log(auth)
});

The problem is response.headers.get('Authorization') is returning as null. Even though if I look at Chrome's Network XHR request I see the Response Headers being sent by the API server.

Why is React not providing me with response.headers via the request above?

Thanks

Improve this question

1 Answer 1

Reset to default
10

The value of the Access-Control-Expose-Headers response header for the response from http://localhost:4300/auth/ must include "Authorization" if you want your requesting frontend JavaScript code to be allowed to access the Authorization response header value.

If the response includes no value for the Access-Control-Expose-Headers header, the only response headers browsers will let you access from client-side JavaScript in your web app are Cache-Control, Content-Language, Content-Type, Expires, Last-Modified and Pragma.

See https://fetch.spec.whatwg.org/#cors-safelisted-response-header-name for the spec.

Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

Thanks but not following... Are you saying I need to update the server or the client? I'm fairly certain it's the client that's the issue because the API endpoint is working with a different client library in the same way. I'm just trying to build the SignUp flow outside of the orig client library.
For example, the client library works just fine, here's the source: github.com/timscott/react-devise/blob/master/src/actions/api.js
Notice how tryLogin is able to get the response.headers --- github.com/timscott/react-devise/blob/master/src/actions/…
I'm trying to build my own SignUp form outside of that library and while the API is responding the same, my client code isn't getting response.headers ... any ideas? Thanks
you must update your api endpoint or serve your client files from same port
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.