• Building

  • Godot HTTPRequest not working for my API in HTML5

Hello!

I am trying to implement the HTTPRequest node in Godot to call an API I have created. I have a project that is exported to HTML5 and is supposed to send an HTTPRequest to http://localhost:8000/2/tokens/update when the game finishes. However, the request never seems to send, despite the fact that the request() function is not returning any errors and the url it is using seems to be correct.

Here is the code in the HTTPRequest node:

func giveTokens(url, amount):

var full_url = str(url)+'?amount='+str(amount)

# Convert data to json string:

var query = JSON.print({'amount': amount})

# Add 'Content-Type' header:

var headers = ["Content-Type: text/html; charset=UTF-8", "Access-Control-Allow-Credentials: true", "Access-Control-Allow-Origin: *"]

var error = self.request(full_url, headers, false, HTTPClient.METHOD_PUT, query)

JavaScript.eval("console.log("+str(error)+");")

JavaScript.eval("console.log('"+str(full_url)+"');")

And here is the code that calls it:

func _on_GameTimer_timeout():

$GameOver.score = score

$`[`GameOver.show`](https://GameOver.show)`()

var url = "`[`http://localhost:8000/2/tokens/update`](http://localhost:8000/2/tokens/update)`"

#if OS.get_name()=="HTML5":

#	url = JavaScript.eval("""url""")

$HTTPRequest.giveTokens(url, score)

get_tree().paused = true

I know that _on_GameTimer_timeout() works because the game pauses when the game timer goes to 0. In addition, I also know that the API I am using works properly because I can use it perfectly with Postman. The API is hosted on the same hostname (localhost:8000) and I am using Firefox on Windows.

I am completely stumped on what to do. Any help would be greatly appreciated!

a year later

get_tree().paused = true

I spent several hours last night trying to get HTTPRequest working. I finally figured out that the problem was that the game was paused (get_tree().paused = true). The resolution was to set the HTTPRequest::pause_mode property to PAUSE_MODE_PROCESS.

It works correctly now in the Editor, and for Android and Linux/X11 export. I haven't gotten the HTML5 export working yet.

I found a solution for the HTML5 export case, at least in my situation of using a PHP server-side script.

I added at the beginning of the PHP script:

if (isset($_SERVER['HTTP_ORIGIN'])) {
	header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
	header('Access-Control-Allow-Credentials: true');
	header('Access-Control-Max-Age: 8640000'); // cache for 100 days
}

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
	if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
		header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
	if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
		header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}

Source: https://github.com/godotengine/godot/issues/25668#issuecomment-628589848

Regarding my previous post:

I found that the code in the server-side PHP script that outputs the extra headers is only needed when using the Editor's HTML5 Run in Browser feature.

If the exported HTML5 is actually located on the same server as the PHP script, then the extra headers are not needed.

That's consistent with the Same-origin policy mentioned in the link in my previous post.

I found that the code in the server-side PHP script that outputs the extra headers is only needed when using the Editor's HTML5 Run in Browser feature.

Is there something we should change in the editor's built-in HTTP server? If so, please open an issue on GitHub: https://github.com/godotengine/godot

My impression is that this is a not a Godot issue, but an issue resulting from an intentional HTTP security policy.

I'm very rusty on web programing, so I'm not sure. Are there any web programming experts around who could provide a definite answer?

Yeah looks like this might be a measure against hacks via cross-site scripting