https://typesense.org logo
Join Slack
Powered by
Hi I am getting a network error when using my tpye...
# community-help
r
Hi I am getting a network error when using my tpyesense server in production, previously i was getting a cors error but added TYPESENSE_ENABLE_CORS=true to my config. Now I just get a network error when searching, using typesense instantsearch adapter in react for this. const typesenseInstantSearchAdapter = new TypesenseInstantSearchAdapter({ server: { apiKey: "t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL", nodes: [ { host: "1htyd5knup2mw0c6p-1.a1.typesense.net", port: 443, protocol: "https", }, ], connectionTimeoutSeconds: 3, numRetries: 3, }, additionalSearchParameters: { query_by: "metric_name, model_name, ticker_name", query_by_weights: "4, 3, 2", }, });
j
Cors is configured on the server side, since you’re using Typesense cloud we set it to *
Could you share a screenshot of the error from the browser console
r
Sure
message has been deleted
I also have axios.defaults.withCredentials = true;
j
I think that’s the issue, could you leave it at the default?
r
The rest of my regular requests force me to need it
And i kinda dont want to go and manually add withCredentials : true to every one of them
Im suprised this has not come up before
Yeah its working now
j
Yeah I’m surprised too… But the error message makes it sound like it won’t work with a wildcard access control origin: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard "*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
We could set a custom CORS domain for your cluster in Typesense Cloud, if you can email support at typesense dot org with your cluster ID and the list of cors domains
r
Okay that sounds good, I have to ship this, are they available on weekends?
j
Yeah, I took care of it. Could you check now?
r
Still getting it
j
Could you copy as curl the request that's failing from the network tab and paste it here?
r
message has been deleted
Sure
curl "https://1htyd5knup2mw0c6p-1.a1.typesense.net/multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL" ^ -H "accept: application/json, text/plain, */*" ^ -H "accept-language: en-US,en;q=0.9,es;q=0.8" ^ -H "content-type: text/plain" ^ -H "dnt: 1" ^ -H "origin: https://pm.alpharepo.com" ^ -H "priority: u=1, i" ^ -H "referer: https://pm.alpharepo.com/" ^ -H ^"sec-ch-ua: ^\^"Google Chrome^\^";v=^\^"125^\^", ^\^"Chromium^\^";v=^\^"125^\^", ^\^"Not.A/Brand^\^";v=^\^"24^\^"^" ^ -H "sec-ch-ua-mobile: ?0" ^ -H ^"sec-ch-ua-platform: ^\^"Windows^\^"^" ^ -H "sec-fetch-dest: empty" ^ -H "sec-fetch-mode: cors" ^ -H "sec-fetch-site: cross-site" ^ -H "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" ^ --data-raw ^"^{^\^"searches^\^":^[^{^\^"query_by^\^":^\^"metric_name, model_name, ticker_name^\^",^\^"query_by_weights^\^":^\^"4, 3, 2^\^",^\^"highlight_full_fields^\^":^\^"metric_name, model_name, ticker_name^\^",^\^"collection^\^":^\^"alpharepo-metrics^\^",^\^"q^\^":^\^"*^\^",^\^"page^\^":1,^\^"per_page^\^":5^}^]^}^"
j
Could you surround that code snippet with triple back quotes? Otherwise slack does something wierd with the double quotes and it's hard to copy paste
r
Copy code
curl "<https://1htyd5knup2mw0c6p-1.a1.typesense.net/multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL>" ^
  -H "accept: application/json, text/plain, */*" ^
  -H "accept-language: en-US,en;q=0.9,es;q=0.8" ^
  -H "content-type: text/plain" ^
  -H "dnt: 1" ^
  -H "origin: <https://pm.alpharepo.com>" ^
  -H "priority: u=1, i" ^
  -H "referer: <https://pm.alpharepo.com/>" ^
  -H ^"sec-ch-ua: ^\^"Google Chrome^\^";v=^\^"125^\^", ^\^"Chromium^\^";v=^\^"125^\^", ^\^"Not.A/Brand^\^";v=^\^"24^\^"^" ^
  -H "sec-ch-ua-mobile: ?0" ^
  -H ^"sec-ch-ua-platform: ^\^"Windows^\^"^" ^
  -H "sec-fetch-dest: empty" ^
  -H "sec-fetch-mode: cors" ^
  -H "sec-fetch-site: cross-site" ^
  -H "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" ^
  --data-raw ^"^{^\^"searches^\^":^[^{^\^"query_by^\^":^\^"metric_name, model_name, ticker_name^\^",^\^"query_by_weights^\^":^\^"4, 3, 2^\^",^\^"highlight_full_fields^\^":^\^"metric_name, model_name, ticker_name^\^",^\^"collection^\^":^\^"alpharepo-metrics^\^",^\^"q^\^":^\^"*^\^",^\^"page^\^":1,^\^"per_page^\^":5^}^]^}^"
Got it
j
Hmm, Typesense is returning the access control headers...
Copy code
curl -svo /dev/null "<https://1htyd5knup2mw0c6p-1.a1.typesense.net/multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL>" \
  -H "accept: application/json, text/plain, */*" \
  -H "origin: <https://pm.alpharepo.com>" \
  --data-raw '{"searches":[{"query_by":"metric_name, model_name, ticker_name","query_by_weights":"4, 3, 2","highlight_full_fields":"metric_name, model_name, ticker_name","collection":"alpharepo-metrics","q":"*","page":1,"per_page":5}]}'
* Host <http://1htyd5knup2mw0c6p-1.a1.typesense.net:443|1htyd5knup2mw0c6p-1.a1.typesense.net:443> was resolved.
* IPv6: (none)
* IPv4: 18.219.95.1
*   Trying 18.219.95.1:443...
* Connected to <http://1htyd5knup2mw0c6p-1.a1.typesense.net|1htyd5knup2mw0c6p-1.a1.typesense.net> (18.219.95.1) port 443
...
*  SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for <https://1htyd5knup2mw0c6p-1.a1.typesense.net/multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL>
* [HTTP/2] [1] [:method: POST]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: <http://1htyd5knup2mw0c6p-1.a1.typesense.net|1htyd5knup2mw0c6p-1.a1.typesense.net>]
* [HTTP/2] [1] [:path: /multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL]
* [HTTP/2] [1] [user-agent: curl/8.6.0]
* [HTTP/2] [1] [accept: application/json, text/plain, */*]
* [HTTP/2] [1] [origin: <https://pm.alpharepo.com>]
* [HTTP/2] [1] [content-length: 221]
* [HTTP/2] [1] [content-type: application/x-www-form-urlencoded]
> POST /multi_search?x-typesense-api-key=t9THZmU5iYcQyQ2G9VLWSITKmVjwe1wL HTTP/2
> Host: <http://1htyd5knup2mw0c6p-1.a1.typesense.net|1htyd5knup2mw0c6p-1.a1.typesense.net>
> User-Agent: curl/8.6.0
> accept: application/json, text/plain, */*
> origin: <https://pm.alpharepo.com>
> Content-Length: 221
> Content-Type: application/x-www-form-urlencoded
>
} [221 bytes data]
< HTTP/2 200
< access-control-allow-origin: <https://pm.alpharepo.com>
< content-type: application/json; charset=utf-8
<
{ [2982 bytes data]
* Connection #0 to host <http://1htyd5knup2mw0c6p-1.a1.typesense.net|1htyd5knup2mw0c6p-1.a1.typesense.net> left intact
Notice the 5th line from the bottom
Oh now the error message is complaining about something else
r
yeah it seems a little different than b efore, just caught it as well
j
The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.
To "fix" this, we would have to send this extra header in the response from Typesense Server, which is something I'm not sure is a good idea, considering Typesense does not technically require credentials to be set
So setting it, might open up unknown vectors
Another option could be to expose the withCredentials option in axios in the typesense-js library, so you can override it just for the axios instance used inside of typesense-js. However, I'm not sure what the precedence for axios config values are.
r
Okay if there isnt any solution I will try to work around with axios, anything to do with my hosting provider vercel?
j
I don't think it's hosting provider specific
It sounds like an application-level config
r
alright then, I guess I will go and adjust all the axios functions on a case by case bassi.
Hopefully this can be resolved some time in the future
Hi how can I delete this thread? I put in sensitive information
Hi do you remind removing those allowed domains?
It is breaking on my localhost and some other projects i am using the cluster for
Actually i deleted the cluster
👍 1
Open in Slack
PreviousNext
Powered by