-
GET Requests
-
POST/PUT Requests
-
Bonus
- Dependant Fetch Requests
- Concurrent Downloads
-
Caveats
https://github.github.io/fetch/
fetch('https://api.github.com/orgs/nodejs')
.then(response => response.json())
.then(data => {
console.log(data) // Prints result from `response.json()` in getRequest
})
.catch(error => console.error(error))
fetch('https://api.github.com/orgs/nodejs', {
headers: new Headers({
'User-agent': 'Mozilla/4.0 Custom User Agent'
})
})
.then(response => response.json())
.then(data => {
console.log(data)
})
.catch(error => console.error(error))
CORS is primarily checked at the server - so make sure your configuration is correct on the server-side.
The credentials
option controls if your cookies are automatically included.
fetch('https://api.github.com/orgs/nodejs', {
credentials: 'include', // Useful for including session ID (and, IIRC, authorization headers)
})
.then(response => response.json())
.then(data => {
console.log(data) // Prints result from `response.json()`
})
.catch(error => console.error(error))
postRequest('http://example.com/api/v1/users', {user: 'Dan'})
.then(data => console.log(data)) // Result from the `response.json()` call
.catch(error => console.error(error))
function postRequest(url, data) {
return fetch(url, {
credentials: 'same-origin', // 'include', default: 'omit'
method: 'POST', // 'GET', 'PUT', 'DELETE', etc.
body: JSON.stringify(data), // Coordinate the body type with 'Content-Type'
headers: new Headers({
'Content-Type': 'application/json'
}),
})
.then(response => response.json())
}
postForm('http://example.com/api/v1/users')
.then(data => console.log(data))
.catch(error => console.error(error))
function postForm(url) {
const formData = new FormData(document.querySelector('form.edit-user'))
return fetch(url, {
method: 'POST', // or 'PUT'
body: formData // a FormData will automatically set the 'Content-Type'
})
.then(response => response.json())
}
To post data with a Content-Type of application/x-www-form-urlencoded
we will use URLSearchParams
to encode the data like a query string.
For example, new URLSearchParams({a: 1, b: 2})
yields a=1&b=2
.
postFormData('http://example.com/api/v1/users', {user: 'Mary'})
.then(data => console.log(data))
.catch(error => console.error(error))
function postFormData(url, data) {
return fetch(url, {
method: 'POST', // 'GET', 'PUT', 'DELETE', etc.
body: new URLSearchParams(data),
headers: new Headers({
'Content-type': 'application/x-www-form-urlencoded; charset=UTF-8'
})
})
.then(response => response.json())
}
postFile('http://example.com/api/v1/users', 'input[type="file"].avatar')
.then(data => console.log(data))
.catch(error => console.error(error))
function postFile(url, fileSelector) {
const formData = new FormData()
const fileField = document.querySelector(fileSelector)
formData.append('username', 'abc123')
formData.append('avatar', fileField.files[0])
return fetch(url, {
method: 'POST', // 'GET', 'PUT', 'DELETE', etc.
body: formData // Coordinate the body type with 'Content-Type'
})
.then(response => response.json())
}
Setup a file upload element with the multiple
attribute:
<input type='file' multiple class='files' name='files' />
Then use with something like:
postFile('http://example.com/api/v1/users', 'input[type="file"].files')
.then(data => console.log(data))
.catch(error => console.error(error))
function postFile(url, fileSelector) {
const formData = new FormData()
const fileFields = document.querySelectorAll(fileSelector)
// Add all files to formData
Array.prototype.forEach.call(fileFields.files, f => formData.append('files', f))
// Alternatively for PHP peeps, use `files[]` for the name to support arrays
// Array.prototype.forEach.call(fileFields.files, f => formData.append('files[]', f))
return fetch(url, {
method: 'POST', // 'GET', 'PUT', 'DELETE', etc.
body: formData // Coordinate the body type with 'Content-Type'
})
.then(response => response.json())
}
-
The Promise returned from
fetch()
won't reject on HTTP error status even if the response is an HTTP 404 or 500. Instead, it will resolve normally, and it will only reject on network failure or if anything prevented the request from completing. -
For maximum browser compatibility when it comes to sending & receiving cookies, always supply the
credentials: 'same-origin'
option instead of relying on the default. See Sending cookies.
To have fetch
Promise reject on HTTP error statuses, i.e. on any non-2xx
status, define a custom response handler:
function checkStatus(response) {
if (response.status >= 200 && response.status < 300) {
return response
} else {
var error = new Error(response.statusText)
error.response = response
throw error
}
}
function parseJSON(response) {
return response.json()
}
fetch('/users')
.then(checkStatus)
.then(parseJSON)
.then(function(data) {
console.log('request succeeded with JSON response', data)
}).catch(function(error) {
console.log('request failed', error)
})
Bonus from https://raw.githubusercontent.com/github/fetch/
-
The Promise returned from
fetch()
won't reject on HTTP error status even if the response is an HTTP 404 or 500. Instead, it will resolve normally, and it will only reject on network failure or if anything prevented the request from completing. -
For maximum browser compatibility when it comes to sending & receiving cookies, always supply the
credentials: 'same-origin'
option instead of relying on the default. See Sending cookies.
To have fetch
Promise reject on HTTP error statuses, i.e. on any non-2xx
status, define a custom response handler:
function checkStatus(response) {
if (response.status >= 200 && response.status < 300) {
return response
} else {
var error = new Error(response.statusText)
error.response = response
throw error
}
}
function parseJSON(response) {
return response.json()
}
fetch('/users')
.then(checkStatus)
.then(parseJSON)
.then(function(data) {
console.log('request succeeded with JSON response', data)
}).catch(function(error) {
console.log('request failed', error)
})
For [CORS][] requests, use credentials: 'include'
to allow sending credentials
to other domains:
fetch('https://example.com:1234/users', {
credentials: 'include'
})
To disable sending or receiving cookies for requests to any domain, including the current one, use the "omit" value:
fetch('/users', {
credentials: 'omit'
})
The default value for credentials
is "same-origin".
The default for credentials
wasn't always the same, though. The following
versions of browsers implemented an older version of the fetch specification
where the default was "omit":
- Firefox 39-60
- Chrome 42-67
- Safari 10.1-11.1.2
If you target these browsers, it's advisable to always specify credentials: 'same-origin'
explicitly with all fetch requests instead of relying on the
default:
fetch('/users', {
credentials: 'same-origin'
})
As with XMLHttpRequest, the Set-Cookie
response header returned from the
server is a [forbidden header name][] and therefore can't be programmatically
read with response.headers.get()
. Instead, it's the browser's responsibility
to handle new cookies being set (if applicable to the current URL). Unless they
are HTTP-only, new cookies will be available through document.cookie
.