Can't get CORS working in Firefox - node.js

I'm trying to get a simple example working with the MEAN stack and I noticed that my DELETE request does not work in Firefox. I believe this is due to CORS.
When i click a link to submit a DELETE request with angularJS to my ExpressJS backend, I see that a GET request is first called, and then the actual DELETE request is called, but the DELETE request never finishes.
This all seems to work in Chrome no problem. No unexpected GET request called, and the DELETE request actually finishes. How can I make this work in Firefox?
Express section for cors:
// CORS Stuff in app.js
app.all('*', function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Authorization, Content-Length");
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
if(req.method == 'OPTIONS') {
res.send(204);
//next();
} else {
next();
}
//res.send(200);
});
app.get('/notes', note.get(db));
app.post('/notes', note.create(db));
app.put('/notes/:id', note.update(db));
app.delete('/notes/:id', note.delete(db));
Then i have this note.js file
exports.delete = function(db) {
return function(req, res) {
console.log('were in delete middleware');
//var note_id = req.body.id;
var note_id = req.params.id;
console.log("note_id = "+note_id);
var collection = db.get('notes');
collection.remove(
{_id: note_id}
),
function(err, doc) {
console.log('were in delete middleware function');
// If it failed, return error
if (err) {
console.log('were in delete error');
res.send("There was a problem deleting that note from the database.");
} else {
console.log('were in delete success');
res.send(200);
}
}
}
}
My browser url is http://localhost:63342/express_example/public/#/
Update
My server responds to the preflight request with this:
Server console:
OPTIONS /notes/53568807130e0f701f000001 200 0ms - 2b
GET /notes 304 8ms
Browser console:

So this is not a problem with CORS, you have a small logic error in your code.
The problem is with this call:
collection.remove(
{_id: note_id}
),
I'm going to assume that it expects a second parameter which is a callback function, which is probably why you ended the statement with a , and not a ;. Also you define the callback function as the next statement but never use it. Hence why the delete never ends, the callback is never called because it wasn't passed in to the collection.remove() call.
Try this instead:
var collection = db.get('notes');
collection.remove(
{_id: note_id},
function(err, doc) {
console.log('were in delete middleware function');
// If it failed, return error
if (err) {
console.log('were in delete error');
res.send("There was a problem deleting that note from the database.");
} else {
console.log('were in delete success');
res.send(200);
}
});
Not sure why this would work for Chrome and not for firefox, but if it had to guess it would be that Chrome might be getting the 204 back from your CORS handler and just be accepting it. Thats just a guess though because the code you posted above will never return a response back to a client.

You probably shouldn't auto-reply with a 204 response unless your Express handlers have actually deleted the object. You didn't post your handlers here, but with Mongoose/MongoDB it might look like:
app.delete('/records/:recordId', function(req, res){
req.record.remove(function(err){
if (err) {
console.log("Error deleting record");
return res.json(500, {error: err});
}
return res.json(204);
});
});

The problem with what you are doing is that it opens your server to requests from all domains. The reason it was failing before is if you notice the request header has a host of localhost: 3000 but your server is only accepting requests from localhost: 63342
You probably don't need to worry about opening it up to all domains unless you are worried about someone else making an application that is hitting your server that will be running on client computers. Anyone can hit the server using fiddler or any REST client like Advanced REST Client.

Related

How to fix this "Cannot set headers after they are sent to the client" [duplicate]

I'm fairly new to Node.js and I am having some issues.
I am using Node.js 4.10 and Express 2.4.3.
When I try to access http://127.0.0.1:8888/auth/facebook, i'll be redirected to http://127.0.0.1:8888/auth/facebook_callback.
I then received the following error:
Error: Can't render headers after they are sent to the client.
at ServerResponse.<anonymous> (http.js:573:11)
at ServerResponse._renderHeaders (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:64:25)
at ServerResponse.writeHead (http.js:813:20)
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/auth.strategies/facebook.js:28:15
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/index.js:113:13
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/strategyExecutor.js:45:39)
at [object Object].pass (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/authExecutionScope.js:32:3)
at [object Object].halt (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/authExecutionScope.js:29:8)
at [object Object].redirect (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/authExecutionScope.js:16:8)
at [object Object].<anonymous> (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/auth.strategies/facebook.js:77:15)
Error: Can't set headers after they are sent.
at ServerResponse.<anonymous> (http.js:527:11)
at ServerResponse.setHeader (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:50:20)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:162:13)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:195:11)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:150:23)
at param (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:189:13)
at pass (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:191:10)
at Object.router [as handle] (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:197:6)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:198:15)
at Object.auth [as handle] (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/index.js:153:7)
Error: Can't set headers after they are sent.
at ServerResponse.<anonymous> (http.js:527:11)
at ServerResponse.setHeader (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:50:20)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:162:13)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:207:9)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:150:23)
at param (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:189:13)
at pass (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:191:10)
at Object.router [as handle] (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/router.js:197:6)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:198:15)
at Object.auth [as handle] (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/index.js:153:7)
Error: Can't set headers after they are sent.
at ServerResponse.<anonymous> (http.js:527:11)
at ServerResponse.setHeader (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:50:20)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:162:13)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:150:23)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:207:9)
at Object.auth [as handle] (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect-auth/lib/index.js:153:7)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:198:15)
at HTTPServer.handle (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:211:3)
at Object.handle (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:105:14)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:198:15)
Error: Can't set headers after they are sent.
at ServerResponse.<anonymous> (http.js:527:11)
at ServerResponse.setHeader (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:50:20)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:162:13)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:150:23)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:207:9)
at HTTPServer.handle (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:211:3)
at Object.handle (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:105:14)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:198:15)
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/session.js:323:9
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/session.js:338:9
node.js:134
throw e; // process.nextTick error, or 'error' event on first tick
^
Error: Can't set headers after they are sent.
at ServerResponse.<anonymous> (http.js:527:11)
at ServerResponse.setHeader (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/patch.js:50:20)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:162:13)
at next (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/http.js:207:9)
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/session.js:323:9
at /home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/session.js:338:9
at Array.<anonymous> (/home/eugene/public_html/all_things_node/projects/fb2/node_modules/connect/lib/middleware/session/memory.js:57:7)
at EventEmitter._tickCallback (node.js:126:26)
The following is my code:
var fbId= "XXX";
var fbSecret= "XXXXXX";
var fbCallbackAddress= "http://127.0.0.1:8888/auth/facebook_callback"
var cookieSecret = "node"; // enter a random hash for security
var express= require('express');
var auth = require('connect-auth')
var app = express.createServer();
app.configure(function(){
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser());
app.use(express.session({secret: cookieSecret}));
app.use(auth([
auth.Facebook({
appId : fbId,
appSecret: fbSecret,
callback: fbCallbackAddress,
scope: 'offline_access,email,user_about_me,user_activities,manage_pages,publish_stream',
failedUri: '/noauth'
})
]));
app.use(app.router);
});
app.get('/auth/facebook', function(req, res) {
req.authenticate("facebook", function(error, authenticated) {
if (authenticated) {
res.redirect("/great");
console.log("ok cool.");
console.log(res['req']['session']);
}
});
});
app.get('/noauth', function(req, res) {
console.log('Authentication Failed');
res.send('Authentication Failed');
});
app.get('/great', function( req, res) {
res.send('Supercoolstuff');
});
app.listen(8888);
May I know what is wrong with my code?
The res object in Express is a subclass of Node.js's http.ServerResponse (read the http.js source). You are allowed to call res.setHeader(name, value) as often as you want until you call res.writeHead(statusCode). After writeHead, the headers are baked in and you can only call res.write(data), and finally res.end(data).
The error "Error: Can't set headers after they are sent." means that you're already in the Body or Finished state, but some function tried to set a header or statusCode. When you see this error, try to look for anything that tries to send a header after some of the body has already been written. For example, look for callbacks that are accidentally called twice, or any error that happens after the body is sent.
In your case, you called res.redirect(), which caused the response to become Finished. Then your code threw an error (res.req is null). and since the error happened within your actual function(req, res, next) (not within a callback), Connect was able to catch it and then tried to send a 500 error page. But since the headers were already sent, Node.js's setHeader threw the error that you saw.
Comprehensive list of Node.js/Express response methods and when they must be called:
Response must be in Head and remains in Head:
res.writeContinue()
res.statusCode = 404
res.setHeader(name, value)
res.getHeader(name)
res.removeHeader(name)
res.header(key[, val]) (Express only)
res.charset = 'utf-8' (Express only; only affects Express-specific methods)
res.contentType(type) (Express only)
Response must be in Head and becomes Body:
res.writeHead(statusCode, [reasonPhrase], [headers])
Response can be in either Head/Body and remains in Body:
res.write(chunk, encoding='utf8')
Response can be in either Head/Body and becomes Finished:
res.end([data], [encoding])
Response can be in either Head/Body and remains in its current state:
res.addTrailers(headers)
Response must be in Head and becomes Finished:
return next([err]) (Connect/Express only)
Any exceptions within middleware function(req, res, next) (Connect/Express only)
res.send(body|status[, headers|status[, status]]) (Express only)
res.attachment(filename) (Express only)
res.sendfile(path[, options[, callback]]) (Express only)
res.json(obj[, headers|status[, status]]) (Express only)
res.redirect(url[, status]) (Express only)
res.cookie(name, val[, options]) (Express only)
res.clearCookie(name[, options]) (Express only)
res.render(view[, options[, fn]]) (Express only)
res.partial(view[, options]) (Express only)
Some of the answers in this Q&A are wrong. The accepted answer is also not very "practical", so I want to post an answer that explains things in simpler terms. My answer will cover 99% of the errors I see posted over and over again. For the actual reasons behind the error take a look at the accepted answer.
HTTP uses a cycle that requires one response per request. When the client sends a request (e.g. POST or GET) the server should only send one response back to it.
This error message:
Error: Can't set headers after they are sent.
usually happens when you send several responses for one request. Make sure the following functions are called only once per request:
res.json()
res.send()
res.redirect()
res.render()
(and a few more that are rarely used, check the accepted answer)
The route callback will not return when these res functions are called. It will continue running until it hits the end of the function or a return statement. If you want to return when sending a response you can do it like so: return res.send().
Take for instance this code:
app.post('/api/route1', function(req, res) {
console.log('this ran');
res.status(200).json({ message: 'ok' });
console.log('this ran too');
res.status(200).json({ message: 'ok' });
}
When a POST request is sent to /api/route1 it will run every line in the callback. A Can't set headers after they are sent error message will be thrown because res.json() is called twice, meaning two responses are sent.
Only one response can be sent per request!
The error in the code sample above was obvious. A more typical problem is when you have several branches:
app.get('/api/company/:companyId', function(req, res) {
const { companyId } = req.params;
Company.findById(companyId).exec((err, company) => {
if (err) {
res.status(500).json(err);
} else if (!company) {
res.status(404).json(); // This runs.
}
res.status(200).json(company); // This runs as well.
});
}
This route with attached callback finds a company in a database. When doing a query for a company that doesn't exist we will get inside the else if branch and send a 404 response. After that, we will continue on to the next statement which also sends a response. Now we have sent two responses and the error message will occur. We can fix this code by making sure we only send one response:
.exec((err, company) => {
if (err) {
res.status(500).json(err);
} else if (!company) {
res.status(404).json(); // Only this runs.
} else {
res.status(200).json(company);
}
});
or by returning when the response is sent:
.exec((err, company) => {
if (err) {
return res.status(500).json(err);
} else if (!company) {
return res.status(404).json(); // Only this runs.
}
return res.status(200).json(company);
});
A big sinner is asynchronous functions. Take the function from this question, for example:
article.save(function(err, doc1) {
if (err) {
res.send(err);
} else {
User.findOneAndUpdate({ _id: req.user._id }, { $push: { article: doc._id } })
.exec(function(err, doc2) {
if (err) res.send(err);
else res.json(doc2); // Will be called second.
})
res.json(doc1); // Will be called first.
}
});
Here we have an asynchronous function (findOneAndUpdate()) in the code sample. If there are no errors (err) findOneAndUpdate() will be called. Because this function is asynchronous the res.json(doc1) will be called immediately. Assume there are no errors in findOneAndUpdate(). The res.json(doc2) in the else will then be called. Two responses have now been sent and the Can't set headers error message occurs.
The fix, in this case, would be to remove the res.json(doc1). To send both docs back to the client the res.json() in the else could be written as res.json({ article: doc1, user: doc2 }).
I ran into this error as well for a while. I think (hope) I've wrapped my head around it, wanted to write it here for reference.
When you add middleware to connect or express (which is built on connect) using the app.use method, you're appending items to Server.prototype.stack in connect (At least with the current npm install connect, which looks quite different from the one github as of this post). When the server gets a request, it iterates over the stack, calling the (request, response, next) method.
The problem is, if in one of the middleware items writes to the response body or headers (it looks like it's either/or for some reason), but doesn't call response.end() and you call next() then as the core Server.prototype.handle method completes, it's going to notice that:
there are no more items in the stack, and/or
that response.headerSent is true.
So, it throws an error. But the error it throws is just this basic response (from the connect http.js source code:
res.statusCode = 404;
res.setHeader('Content-Type', 'text/plain');
res.end('Cannot ' + req.method + ' ' + req.url);
Right there, it's calling res.setHeader('Content-Type', 'text/plain');, which you are likely to have set in your render method, without calling response.end(), something like:
response.setHeader("Content-Type", "text/html");
response.write("<p>Hello World</p>");
The way everything needs to be structured is like this:
Good Middleware
// middleware that does not modify the response body
var doesNotModifyBody = function(request, response, next) {
request.params = {
a: "b"
};
// calls next because it hasn't modified the header
next();
};
// middleware that modify the response body
var doesModifyBody = function(request, response, next) {
response.setHeader("Content-Type", "text/html");
response.write("<p>Hello World</p>");
response.end();
// doesn't call next()
};
app.use(doesNotModifyBody);
app.use(doesModifyBody);
Problematic Middleware
var problemMiddleware = function(request, response, next) {
response.setHeader("Content-Type", "text/html");
response.write("<p>Hello World</p>");
next();
};
The problematic middleware sets the response header without calling response.end() and calls next(), which confuses connect's server.
I had this same issue and realised it was because I was calling res.redirect without a return statement, so the next function was also being called immediately afterwards:
auth.annonymousOnly = function(req, res, next) {
if (req.user) res.redirect('/');
next();
};
Which should have been:
auth.annonymousOnly = function(req, res, next) {
if (req.user) return res.redirect('/');
next();
};
Lots of people hit this error. It's a confusing this with async processing. Most likely some of your code is setting headers in the first tick and then you are running an async callback in a future tick. In between, the response header gets sent, but then further headers (like a 30X redirect) try to add extra headers, but it's too late since the response header has already been transmitted.
I'm not sure exactly what's causing your error, but look at any callbacks as potential areas to investigate.
One easy tip to simplify your code. Get rid of app.configure() and just call app.use directly in your top level scope.
See also the everyauth module, which does Facebook and a dozen or so other 3rd party authentication providers.
This type of error you will get when you pass statements after sending a response.
For example:
res.send("something response");
console.log("jhgfjhgsdhgfsdf");
console.log("sdgsdfhdgfdhgsdf");
res.send("sopmething response");
Will result in the error you are seeing, because once the response has been sent, the following res.send will not be executed.
If you want do anything, you should do it before sending the response.
error find by itself after a RND :
1) my error code :
return res.sendStatus(200).json({ data: result });
2) my success code
return res.status(200).json({ data: result });
the difference is that i used sendStatus() instead of status().
I boiled my head over this issue and it has happened due to a careless mistake on handling the callbacks. non returned callbacks cause the response to be set twice.!
My program had a code which validate request and query the DB. after validating if error is there, I was calling back the index.js with the validation errors .
And if validation passes it goes ahead and hit the db with success/failure.
var error = validateRequestDetails("create",queryReq);
if (error)
callback(error, null);
else
some code
callback(null, success);
What was happening is : Incase validation fails the callback get called and response get set. But not returned. So it still continues the method goes to db and hit success/failure . It calls the same callback again causing the response to be set twice now.
So solution is simple, you need to 'return' the callback so that the method don't continue executing, once the error has occurred and hence set the response object once
var error = validateRequestDetails("create",queryReq);
if (error)
callback(error, null);
return;
else
some code
callback(null, success);
I simply add the return keyword like:
return res.redirect("/great"); and it worked!
This error happens when you send 2 responses. For example :
if(condition A)
{
res.render('Profile', {client:client_});
}
if (condition B){
res.render('Profile', {client:client_});
}
}
Imagine if for some reason condition A and B are true so in the second render you'll get that error
Sometimes you may get this error when you try to call next() function after res.end or res.send , try to delete if you have next() after res.send or res.end in your function.
Note: here next() means after responding to the client with your response(i.e res.send or res.end) you are still trying to execute some code to respond again so it is not legal.
Example :
router.get('/',function (req,res,next){
res.send("request received");
next(); // this will give you the above exception
});
remove next() from above function and it will work.
If you are using callback functions use return after the err block. This is one of the scenarios in which this error can happen.
userModel.createUser(data, function(err, data) {
if(err) {
res.status = 422
res.json(err)
return // without this return the error can happen.
}
return res.json(data)
})
Tested on Node version v10.16.0 and express 4.16.4
there is something else that cause this error and it is when you do not add return keyword in front of res.send, res.json, etc...
Please check if your code is returning multiple res.send() statements for a single request. Like when I had this issue....
I was this issue in my restify node application. The mistake was that
switch (status) {
case -1:
res.send(400);
case 0:
res.send(200);
default:
res.send(500);
}
I was handling various cases using switch without writing break. For those little familiar with switch case know that without break, return keywords. The code under case and next lines of it will be executed no matter what. So even though I want to send single res.send, due to this mistake it was returning multiple res.send statements, which prompted
error: can't set headers after they are sent to the client.
Which got resolved by adding this or using return before each res.send() method like return res.send(200)
switch (status) {
case -1:
res.send(400);
break;
case 0:
res.send(200);
break;
default:
res.send(500);
break;
}
In my case it was a 304 response (caching) that was causing the issue.
Easiest solution:
app.disable('etag');
Alternate solution here if you want more control:
http://vlasenko.org/2011/10/12/expressconnect-static-set-last-modified-to-now-to-avoid-304-not-modified/
For anyone that's coming to this and none of the other solutions helped, in my case this manifested on a route that handled image uploading but didn't handle timeouts, and thus if the upload took too long and timed out, when the callback was fired after the timeout response had been sent, calling res.send() resulted in the crash as the headers were already set to account for the timeout.
This was easily reproduced by setting a very short timeout and hitting the route with a decently-large image, the crash was reproduced every time.
In my case this happened with React and postal.js when I didn't unsubscribe from a channel in the componentWillUnmount callback of my React component.
Just leaned this. You can pass the responses through this function:
app.use(function(req,res,next){
var _send = res.send;
var sent = false;
res.send = function(data){
if(sent) return;
_send.bind(res)(data);
sent = true;
};
next();
});
This happens when response was delivered to client and again you are trying to give response. You have to check in your code that somewhere you are returning response to client again which causes this error. Check and return response once when you want to return.
Please search if in your app.get to not set status before res.send("your result");
I just removed :
res.sendStatus(200);
and response works after that !!!
res.send("your result");
A newer version of Node supports res.headersSent boolean expression. You can use it to validate whether you already sent a response:
if (!res.headersSent) // if doesn't sent yet
res.status(200).send({ "message": "This is a message" })
Note! Although this works and answers the question, it's not the right way to solve the problem, and is not recommended!
Sending a response more than once indicates that you have a problem in your code that should be fixed (It's the same as using two return statements, one after another, in your function. it's a bug).
Add this middlware and it will work
app.use(function(req,res,next){
var _send = res.send;
var sent = false;
res.send = function(data){
if(sent) return;
_send.bind(res)(data);
sent = true;
};
next();
});
If you din't get help from above : for noobs
The reason behind this error is sending request multiple times let us understand from some cases:-
1. `
module.exports = (req,res,next)=>{
try{
const decoded = jwt.verify(req.body.token,"secret");
req.userData = decoded;
next();
}catch(error){
return res.status(401).json({message:'Auth failed'});
}
next();
}
`
in the above calling next() twice will raise an error
router.delete('/:orderId', (req, res, next) => {
Order.remove({_id:req.params.orderId},(err,data)=>{
if(err){
**res.status(500).json(err);**
}else{
res.status(200).json(data);
}
*res.status(200).json(data);*
})
})
here respond is send twice check whether you already sent a response
It is very likely that this is more of a node thing, 99% of the time it's a double callback causing you to respond twice, or next()ing twice etc, damn sure. It solved my problem was using next() inside a loop. Remove the next() from the loop or stop calling it more than one times.
If you uses two of res.end() function in one api call, this error shows
for example
app.post("/auth", function (request, res) {
var username = request.body.username;
var password = request.body.password;
if (username && password) {
let sql =
"SELECT username, worker_name, worker_surname, id FROM workers where username = ? AND password=?";
con.query(sql, [username, password], function (error, results, fields) {
if (results.length > 0) {
res.status(200).send(results);
res.end();
}
res.status(404).send("Incorrect Username and/or Password!");
});
} else {
res.send("Please enter Username and Password!");
}
res.end();
});
sometimes only writing
res.status(200).json({success: 'user authenticated');
is not enough.
For hours , i found we have to return return response sometimes.
Like this
return res.status(200).json({success: 'user authenticated');
so that It can terminate whenever in some conditional statement and doesn't run other .
The problem was exist from /auth/facebook route to make things ease to understand, once that you sent a response already from the client, you must NOT set any other functions below for next successor block, it is also related on being Synchronous of JavaScript,
for deep understanding, it is looks like this code;
async function getRequest(){
let data = await API.get();
return data;
let json = data.json(); // will not read this line
}
on your case, console.log("ok cool."); and console.log(res['req']['session']) must be put before res.redirect("/great")
Hope it make sense, Welcome :)
I had the same issue. For me i had 2 res.json(event) was giving this error to me.
res.json(savedEvent);
res.json({ event });
We should pass only single response will work.
res.json(event);
I got a similar error when I tried to send response within a loop function. The simple solution was to move the
res.send('send response');
out of the loop since you can only send response header once.
https://www.tutorialspoint.com/nodejs/nodejs_response_object.htm
Check your code. For me, I used res.status twice in the same if statement. First one set the header status and the second one tried to change it, which caused the problem.

Express.js Routing error: Can't set headers after they are sent

I'm not really sure why I'm getting this error. It's a simple API built on express.js to be able to add and remove posts. The error occurs when I trigger the delete router. I've read that the error typically happens when there are two callbacks, however, I don't seem to be able find any double callbacks.
_http_outgoing.js:344
throw new Error('Can\'t set headers after they are sent.');
Error: Can't set headers after they are sent.
at ServerResponse.OutgoingMessage.setHeader (_http_outgoing.js:344:11)
at ServerResponse.header (/Users/bounty/Projects/_learning/react-express/node_modules/express/lib/response.js:718:10)
at ServerResponse.send (/Users/bounty/Projects/_learning/react-express/node_modules/express/lib/response.js:163:12)
at ServerResponse.json (/Users/bounty/Projects/_learning/react-express/node_modules/express/lib/response.js:249:15)
at /Users/bounty/Projects/_learning/react-express/server/routes/posts.js:86:9
at nextTickCallbackWith0Args (node.js:452:9)
at process._tickCallback (node.js:381:13)
Here is my posts.js router:
module.exports = function(router) {
var Post = require('../models/post.js');
// middleware for the api requests
router.use(function(req, res, next) {
// do logging
console.log('something is happening.');
next(); // make sure we go to our next route and don't stop here
});
// test route to make sure everything is working (accessed at GET http://localhost:8080/api)
router.get('/', function(req, res) {
res.json({ message: 'hooray! welcome to our api!' });
});
// all routes here
// routes that end in /posts
router.route('/posts')
// create a Post (accessed at POST http://localhost:7777/api/posts)
.post(function(req, res) {
var post = new Post();
post.postTitle = req.body.postTitle; // set the post name (comes from request)
// save post and check for errors
post.save(function(err) {
if (err)
res.send();
res.json({ message: 'post created!' });
});
})
// get all Posts (accessed at GET http://localhost:7777/api/posts)
.get(function(req, res) {
Post.find(function(err, posts) {
if (err)
res.send();
res.json(posts);
});
});
// routes that end in /posts for specific id
router.route('/posts/:post_id')
// get the post with that id
.get(function(req, res) {
Post.findById(req.params.post_id, function(err, post) {
if (err)
res.send(err);
res.json(post);
});
})
// update the post with that id
.put(function(req, res) {
Post.findById(req.params.post_id, function(err, post) {
if (err)
res.send(err);
post.postTitle = req.body.postTitle;
// save the post
post.save(function(err) {
if (err)
res.send(err);
res.json({ message: 'post updated!' });
});
});
})
// deletes the post with that id
.delete(function(req, res) {
Post.remove({
_id: req.params.post_id
}, function(err, post) {
if (err) {
res.send(err);
}
res.json({ message: 'post deleted!' });
});
});
}
You need to add the 'return' so that you don't reply twice.
// save post and check for errors
post.save(function(err) {
if (err) {
return res.send();
}
res.json({ message: 'post created!' });
});
That particular error message is pretty much always caused because of a timing error in the handling of an async response that causes you to attempt to send data on a response after the response has already been sent.
It usually happens when people treat an async response inside an express route as a synchronous response and they end up sending data twice.
One place I see you would get this is in any of your error paths:
When you do this:
// save post and check for errors
post.save(function(err) {
if (err)
res.send();
res.json({ message: 'post created!' });
});
If post.save() generates an error, you will do res.send() and then you will do res.json(...) after it. Your code needs to have a return or an else so when there's an error you don't execute both code paths.
So, this can happen in Express when attempting to send res.end twice which res.send and res.json both do. In your if(err) block you'll want to return res.send() as res.send runs asynchronously and res.json is getting called as well. I'm wondering if you're getting an error in your delete route? Hope this helps.
Best!
You are using res.send() or res.json() twice in the same request
this send the headers first, followed by body of the response and then headers again.
req.next is usually not a function, next is rather passed as a third argument of the middleware. Use that if you want to drop to the next middleware. (assuming you are using Express framework)
Just for the sake of completeness I will also mention that:
Sometime problem may be in a the middleware you may be using by calling
app.use.
After checking for obvious errors as mentioned in previous answers:
You should remove all the app.use statement then reintroduce them one by one, to find problematic module.
If you are using res.send() inside any loop, then you need to break it after the use of res.send(). So that it won't allow resetting of the res headers again and again.
for e.g :
for(){
if(){
res.send();
break;
}
else(){
res.send();
break;
}
}
In my case this is the problem and I solved it like this.
Hope it may help someone in future.
Thanks
For a quick fix you can just check res.finished before calling res.send():
if (!res.finished)
res.send()

Nodejs Using domain.dispose() causes server to respond with status 0

When I use domain.dispose() in Node.js expressjs based HTTP Server, the client making HTTP sees a response code of 0 (Could not get any response). If I remove domain.dispose() I receive 500 error with the desired error message. Below is my code
//Enable domains
app.use(function(req, res, next){
var createDomain = require('domain').create;
var domain = createDomain();
domain.add(req);
domain.add(res);
domain.run(function() {
next();
});
domain.on('error', function(e) {
//no further domain watch required
domain.dispose(); //if I remove this line status code of 500 is received on client, otherwise 0 or no response is received
next(e);
});
});
//Respond with 500 for Unhandled errors
app.use(function(err, req, res, next) {
// If the error object doesn't exists
if (!err) return next();
// Log it
req.log.error(err);
//console.error(err.stack);
try{
if(req.path && req.path.indexOf('/api/') === 0){
if(!res.headersSent){
console.log('responded with an error');
res.status(500).send({error: err.message});
console.log('responded with an error ACK');
}
return;
}
// Error page
res.status(500).render('500', {
error: err.stack
});
} catch(ex){
console.log('An error occured while responding 500');
req.log.error(ex);
}
});
Can anyone explain this or a better solution? Removing domain.dispose() may cause further exceptions, which may cause to re-enter the domain, and I do want to acknowledge client with the exception message as in my code.
This is expected behaviour of domains. Since you have explicitly added req and res to domain, so they are disposed as well. Don't use dispose, it does unexpected things. When you catch an error with domain the only sensible thing to do is to shutdown the process as quickly as possible.

Handle jade errors in res.render()

I have a working node.js / express based server and am using jade for templating. Usually there is no problem but a couple of times every day I get an error message when requsting any page. The error is 'failed to locate view'. I don't know why i get this error since it worked fine just minutes before.
The question however is how I can force a crash on this event, for example:
res.render('index.jade', {info: 'msg'}, function(error, ok) {
if (error)
throw new Error('');
// Proceed with response
};
How would I do this? And how would I proceed with the response?
thank you.
You can add an error handling middleware.
app.use(function handleJadeErrors(err, req, res, next) {
// identify the errors you care about
if (err.message === 'failed to locate view') {
// do something sensible, such as logging and then crashing
// or returning something more useful to the client
} else {
// just pass it on to other error middleware
next(err);
}
});
Try this:
app.use(function (req, res, next) {
fs.exists(__dirname + '/views/' + req.url.substring(1) + '.jade', function (exists) {
if(!exists) {
console.log(err);
return next();
}
res.render(req.url.substring(1), { title: "No Controller", user: req.session.user });
}
});

How to debug headers sent errors in Node.js

I'm getting a lot of Can't set headers after they are sent errors, and they never seem to give me line numbers in my app.js, is this normal? How do people debug these errors?
My code that is throwing the headers error looks like this, is it doing something weird to hide the line numbers?
app.get('/', function(req, res, next) {
if (req.param('q')) {
searchProvider.search(
req.param('q'),
function( error, results) {
res.render('search', {
locals: {
results: results,
q: req.param('q')
},
});
}
);
} else {
res.render('index');
}
});
Can't set headers after they are sent
Is a common error which means your basically calling res.render, res.end or res.send multiple times. This means your trying to write multiple HTTP responses to one HTTP request (this is invalid).
A common cause of this bug is calling next twice in a piece of middleware.
Maybe you have a piece of middleware like
app.all("*", function(req, res, next) {
// not logged in
if (!req.user) {
res.render("loginError");
}
// bad accidental next call!! Will call next after rendering login error
next();
});

Resources