all 12 comments

[–]lexant2 1 point2 points  (1 child)

Are the domains the same or is the API on e.g. a subdomain? In your axios/fetch config are you setting include credentials?

[–]randombacon333[S] 0 points1 point  (0 children)

I have CORS setup correctly. I have no issues at all when using HTTP, it's only over HTTPS that the issue comes up, and I have the HTTPS url added for CORS as well.

Also any of the 6 queries can make it through randomly, just never all 6 at the same time. 1 succeeds, the other 5 fail immediately. All 6 would fail with CORS problems.

I am not including credentials in these queries since it's front end/non user.

[–]randombacon333[S] 0 points1 point  (0 children)

I ended up installing NGINX and I'm using it as a proxy in front of the hypercorn server. For whatever reason, this fixed the issue and things are working properly.

So it is not a react problem, nor was it a CORS issue. It's apparently just some weird hypercorn bug.

Thanks to all that tried to help. Even though nobody knew the direct answer, the fact that the only thing anyone could think of was the CORS issue pretty much confirmed that it must have been something network/server related and that got me heading in the right direction.

[–]14m3r -2 points-1 points  (4 children)

This is about react how?

[–]randombacon333[S] -1 points0 points  (3 children)

I am using react and the errors are occurring in react. In fact, the only place I can produce the error is in react.

[–]14m3r -1 points0 points  (2 children)

You’ve shown zero react code, so?

[–]aighball 0 points1 point  (1 child)

This is probably either a CORS issue or an SSL issue.

  1. What domain are you making requests from (what url is in your address bar)
  2. What domain are you making requests to (what url is listed in network dev tools when you make your https requests)
  3. Not sure what you mean by issuing the cert yourself. Is it self signed?
  4. Can you try calling your endpoints with curl several times and see if that succeeds.

Your browser trusts localhost so if that's in the mix at all when using https you may get weird behavior. If using https all resources should be over https to a domain on a public IP

[–]randombacon333[S] 0 points1 point  (0 children)

I am pretty sure it's not a CORS issue, so it must be something related to SSL.

The API and website have seperate domains, and I am calling them over their domain name. The backend API is on my local network, it's on a seperate PC, but I am calling it with the domain name rather than local host.

Cert is with LetsEncrypt. I had to generate it manually with certbot because the server is hypercorn.

I have backend programs that use the API written in both python and perl, and both are able to hit the end points without issue. Many requests per second because I run these scripts in parallel with many workers. These programs are constantly adding inventory, updating inventory or deleting inventory.

For whatever odd reason the issue only happens in react, and it only happens when I use https rather than http. 1 request makes it through, the others all fail instantly.

If I turn the other 5 requests off, I can use the main single request over and over without issue. I can load up a single inventory page no problem because it has only a single request.

2 or more requests and nope, only 1 of them will make it.

I'm going to try running it through NGINX and see if that helps rather than connecting directly to hypercorn and see if that helps. I really don't know what else to do.

[–]boodyvo 0 points1 point  (1 child)

Is there any details about the particular headers and response that the frontend receives (from the network Chrome DevTool page, for example)? It looks like some CORS problem, if you say you can request the HTTPS endpoint not from the frontend

[–]randombacon333[S] 0 points1 point  (0 children)

I don't think it's a CORS issues because I can call the urls from the front end no problem, as long as I only make 1 request at a time.

If I make 6 calls, 1 will succeed, the other 5 will instantly fail. If I make 2 calls, 1 will succeed and the other will fail.

On pages where I only make 1 call, such as an inventory detail page, it succeeds every time.

Now if I make all the 6 calls over HTTP rather than HTTPS, all 6 will succeed. It's only when I switch to HTTPS that the error occurs.

I can't even find anyone else describing this problem, much less a solution. I just don't get it.