Allow disabling engine.io from emitting CORS headers #331
Description
I've deployed a socket.io app behind Nginx, which is configured to emit CORS headers. The problem is socket.io also emits the same headers, which is disallowed by browsers due to non-duplication rule.
To fix this, I moved all CORS handling to the app. This works except when Nginx cannot reach the backend (e.g. server is restarted) and return responses without CORS headers, causing browsers to reject all requests, including the socket.io XHR polling requests. When this happens, the client app cannot see the error status and message returned by Nginx to display proper error messages to users.
It would be great if there's an option to prevent engine.io from emitting CORS headers.