Trouble with CORS?

A

Andrey Okhotnikov2019-07-09 11:59:24

CORS

Andrey Okhotnikov, 2019-07-09 11:59:24

Trouble with CORS?

Cors is configured on the server - get requests go through, with a post request an error

Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response

If you register in headers
'Access-Control-Allow-Origin': '*'
Then even get requests stop working

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

E

Eugene Chefranov, 2019-07-09
@Chefranov

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header set Access-Control-Max-Age "1000"
Header set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, x-access-token"

A

Anton Spirin, 2019-07-09
@rockon404

const cors = require('cors');
const app = express();

app.use(cors());

or:

const app = express();

app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Methods', 'GET, HEAD, OPTIONS, POST, PUT');
  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');

  next();
});