Missing response headers

This issue has been tracked since 2023-01-16.

Describe the bug

I have an API that returns a header along with the response that I need. The docs say that I have to use a callback onHeader to get that. I did that, but there are only 4 values available. The actual list of response headers is much longer.

To Reproduce

Thats what my code to call the API looks like:

let res: SignInResponse = await api.account.signIn(
    onHeader: (headers: Headers) => {
      let t = headers.get("Token")


      if (t !== null) {
        token.value = t
    onTrailer: (trailers) => console.log(trailers)

The console.log output is the following:

Headers(4) { "accept-encoding" → "gzip", "content-encoding" → "gzip", "content-length" → "98", "content-type" → "application/json" }

But the list of returned HTTP response headers is actually much longer and include the header (Token) that I need.

HTTP/1.1 200 OK
Accept-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept, Accept-Encoding, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Connect-Protocol-Version, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
Content-Encoding: gzip
Content-Type: application/json
Token: <TOKEN>
Vary: Origin
Date: Mon, 16 Jan 2023 17:27:16 GMT
Content-Length: 98

Environment (please complete the following information):

  • @bufbuild/connect-web version: 0.6.0
  • Framework and version: [email protected]
  • Browser and version: Mozilla Firefox 108.0.2
timostamm wrote this answer on 2023-01-16

Hey Daniel, thanks for the detailed info.

From what I see, your browser does not have access to the Token header because the request goes to a different domain. Browsers limit access to cross-domain resources, and while it looks like you already have a CORS setup (judging from the presence of Access-Control-Allow-Origin and Access-Control-Expose-Headers), your Access-Control-Expose-Headers value does not include the required Token.

If you include Token in this response header, the browser should gain access to it, and you should see it in the console.log statement. In the connect demo, we are using github.com/rs/cors, and it's been pretty convenient for us.

0x1DA117 wrote this answer on 2023-01-16

Oh how could I miss that. Thanks a lot.

More Details About Repo
Owner Name bufbuild
Repo Name connect-es
Full Name bufbuild/connect-es
Language TypeScript
Created Date 2022-02-16
Updated Date 2023-03-24
Star Count 852
Watcher Count 20
Fork Count 33
Issue Count 17


Issue Title Created Date Updated Date