This article will show you how to get a request Origin and request host in express.js.
Related Articles:
- How to Get Current Date and Time in JavaScript.
- Node.js + MySQL : Add Forgot/Reset Password to Login-Authentication System.
- How to get the Request Host in express.js?
- How to Build a Complete API for User Login and Authentication using MySQL and Node.js.
- How to store Session in MySQL Database using express-mysql-session.
- Complete JWT Authentication and Authorization System for MySQL/Node.js API
1. What is Request Origin?
The request origin indicates the domain originating the request and where a fetch to an API originates.
The Origin header includes three parts: scheme (protocol), hostname (domain), and port :
Origin: <scheme>://<hostname>:<port>Scheme: is the protocol that is used. It can be the HTTP protocol or HHTPS protocol for the secured version.
Hostname: This contains the domain name or the IP address of the origin server.
Port: This part is optional and contains the port number on which the server is listening. If no port is given, the default port for the requested service is “80” for an HTTP URL.
2. When do browsers send the Origin header?
The Origin header is sent in the following cases:
- All the cross origin requests, because all cross-origin requests have their response tainting set to “cors“. Except for cross-origin GET or HEAD requests if made in no-cors mode.
- All same-origin requests (same-origin POST, OPTIONS, PUT, PATCH, and DELETE requests) except for GET or HEAD requests.
3. When do browsers set the origin to null?
Browsers must set an origin to null if the spec required to do so in the following cases:
| The Spec | Cases when Origin is set to null |
| HTML spec: | – Cross-origin images – Cross-origin media data, including video and audio.– Documents generated from a data: URL.– All iframes with sandbox attribute that doesn’t contain the value allow-same-origin– Documents programmatically created using createDocument().– Documents that do not have creator browsing context. – Responses that are network errors. |
| Fetch spec: | – Redirects across origins |
| URL spec | – For blob: URLs– For file: URLs– For any other URLs whose scheme is not one of http, https, ftp, ws, wss, or gopher. |
4. What is Same Origin
Some operations are restricted to same-origin content; Two requests have the same origin only when the scheme, hostname, and port are the same for both.
| Request1 Origin | Request2 Origin | Same Origin |
| http://originExample.com/app1/index.html | http://originExample.com/app2/index.html | YES Same scheme: http. Same hostname:originExample.com. Different file path. |
| http://originExample.com:80 | http://originExample.com | YES Port 80 is the default port for HTTP content. Port 443 is the default port for HTTPS content. |
| http://originExample.com/app1 | https://originExample.com/app2 | NO Different protocols: http and https. |
| http://originExample.com | http://Example.com | NO Different hostNames. |
| http://originExample.com:8080 | http://originExample.com | NO Different ports. |
Note that the same origin restriction can be lifted using CORS.
5. Get the Request Origin from the Origin header
To get the Request Origin from the headers in expess.js, add the following lines of code to the request:
app.use((req, res, next) => {
const origin = req.header('Origin');
});
Or you can use:
app.use((req, res, next) => {
const origin = req.headers.origin;
});
You can find a complete example of using request Origin in a node.js/express.js API here: Node.js + MySQL : Add Forgot/Reset Password to Login-Authentication System.
You might also like:
How to Get Current Date and Time in JavaScript.
How to Build a Complete API for User Login and Authentication using MySQL and Node.js.
Node.js + MySQL : Add Forgot/Reset Password to Login-Authentication System.
How to store Session in MySQL Database using express-mysql-session.
How to interact with MySQL database using async/await promises in node.js ?
How to use Sequelize async/await to interact with MySQL database in Node.js.
MANY-TO-MANY Association in MYSQL Database using Sequelize async/await with Node.js.
ONE-TO-ONE Association in MYSQL Database using Sequelize async/await with Node.js
ONE-TO-ONE Association in MYSQL Database using Sequelize async/await with Node.js.
How to add Routes to insert data into MySQL database-related tables in Node.js API?
Example How to use initialize() Function in Node.js/Express API .