dart:html HttpRequest Refused to set unsafe header & No Access-Control-Allow-Origin

Issue

I want to put the value to the Http Header(etc Cookie, User-Agent …)

When setting “Cookie” & “User-Agent” values in Http Header the following error message is displayed.

How do can I put a value in Http Header?

Refused to set unsafe header “Cookie”
Refused to set unsafe header “User-Agent”
XMLHttpRequest cannot load serverip. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘datium server’ is therefore not allowed access.

import "dart:html";
import "dart:convert";


final ButtonElement loginButton = querySelector("#login");

void main() {

  loginButton.onClick.listen((e) {

    requstTest();

  });

}

void requstTest(){

  var request = new HttpRequest();

  request.open('GET', 'serverurl');

  request.setRequestHeader("Cookie", "JSESSIONID : cdsfasdfA49596CBD1949");

  request.setRequestHeader("User-Agent", "test");

  request.onLoad.listen((event) => print('Request complete ${event.target.reponseText}'));

  request.send();
}

Solution

Setting cookies for individual HtmlRequest calls seems not to be allowed on the client

Refused to set unsafe header "Cookie" with ajax call Rest server

You can set cookies on the document

document.cookie = "JSESSIONID=caölsdjf";

There are libraries available to make this easier: https://pub.dartlang.org/packages/cookie

Faking the user-agent is generally not allowed in browsers as far as I know.

This spec contains the list of headers which browsers must not allow:

https://dvcs.w3.org/hg/xhr/raw-file/tip/Overview.html#dom-xmlhttprequest-setrequestheader

Answered By – Günter Zöchbauer

Answer Checked By – Gilberto Lyons (FlutterFixes Admin)

Leave a Reply

Your email address will not be published. Required fields are marked *