https://kotlinlang.org logo
Join Slack
Powered by
has anyone got experience using heroku? i deployed...
# server
n
has anyone got experience using heroku? i deployed my app there yesterday, everything worked.. now i am opening it again and my broswer 
fetch
requests fail
Copy code
Access to fetch at '<https://pentagame.herokuapp.com/api/status>' from origin '<http://pentagame.herokuapp.com>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
as if all the cors settings i set in Ktor had no effect anymore
m
n
well i do
i am not sure how i do not use https
m
Your error message states that you were on http://pentagame.herokuapp.com instead of https://pentagame.herokuapp.com 🙂
n
the error happens when i go to multiplayer and the app sends a request to /api/status
then i guess thats some redirect issue
m
maybe
It’s a good idea to make sure that your server always denies unencrypted connections That’s more secure and makes it obviousw when such an incorrect redirect happens accidentally.
n
well at least a HttpRedirect Feature does not work
m
It also depends on the 
XForwardedHeaderSupport
feature being installed.
Due to Heroku’s SSL termination Ktor only sees a normal non-HTTPS connection. Using the 
XForwardedHeaderSupport
Ktor will analyze the request headers and see that Heroku did that and properly use HTTPS in situations like redirects.
n
do the features have to be installed in order ?
yes it has to be.. this works now, i stole your HttpsEnforcer for now
đź‘Ť 1
m
do the features have to be installed in order ?
yes
Open in Slack
PreviousNext
Powered by