# INTERNAL: grpc-web: Failed to fetch

- **ID:** `grpc/grpc-web-failed-to-fetch`
- **Domain:** grpc
- **Category:** network_error
- **Error Code:** `GRPC_WEB_FETCH_FAILED`
- **Verification:** ai_generated
- **Fix Rate:** 90%

## Root Cause

Browser CORS policy or network failure prevents gRPC-Web requests from reaching the Envoy proxy or gRPC server.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| grpc-web 1.4.2 | active | — | — |
| envoy 1.28.0 | active | — | — |
| grpc-go 1.62.0 | active | — | — |
| protobuf 25.3 | active | — | — |

## Workarounds

1. **Configure Envoy CORS filter to allow the origin, methods, and headers. Example Envoy config snippet:
  http_filters:
  - name: envoy.filters.http.cors
    typed_config:
      "@type": type.googleapis.com/envoy.extensions.filters.http.cors.v3.Cors
      allow_origin_string_match:
      - prefix: "https://myapp.example.com"
      allow_methods: "POST, OPTIONS"
      allow_headers: "content-type, x-grpc-web, x-user-agent"
      max_age: "86400"
  Then restart Envoy.** (85% success)
   ```
   Configure Envoy CORS filter to allow the origin, methods, and headers. Example Envoy config snippet:
  http_filters:
  - name: envoy.filters.http.cors
    typed_config:
      "@type": type.googleapis.com/envoy.extensions.filters.http.cors.v3.Cors
      allow_origin_string_match:
      - prefix: "https://myapp.example.com"
      allow_methods: "POST, OPTIONS"
      allow_headers: "content-type, x-grpc-web, x-user-agent"
      max_age: "86400"
  Then restart Envoy.
   ```
2. **Ensure the gRPC-Web client uses the correct URL (e.g., http://localhost:8080 instead of https://localhost:8080 if TLS is not set up) and that the Envoy proxy is running and reachable. Verify with curl: curl -v http://localhost:8080/your.service/Method** (95% success)
   ```
   Ensure the gRPC-Web client uses the correct URL (e.g., http://localhost:8080 instead of https://localhost:8080 if TLS is not set up) and that the Envoy proxy is running and reachable. Verify with curl: curl -v http://localhost:8080/your.service/Method
   ```

## Dead Ends

- **** — Bypasses security but breaks in production and on other browsers; not a real fix. (95% fail)
- **** — The error is not timeout-related; it's a pre-request fetch failure, so timeout changes have no effect. (90% fail)