CORS Support for API Use
-
Hi @David-Sargrad, have you tried adding a specific domain to that list? While the
*value is a valid header, I am not certain whether that value there would be considered valid. -
Thanks Guys. I'll try that. Right now I'm on localhost, so presumably:
http://localhostshould work?
-
I've tried both http://localhost
However I still get the same problem.
I can browse to this URL however..
-
Chrome does not support CORS for
localhost: https://stackoverflow.com/questions/10883211/why-does-my-http-localhost-cors-origin-not-work -
@julian I'm not sure I understand the question. I am on my development machine. I am running a local instance of nodebb on that same machine.
@PitaJ I did see some interesting options listed at the location you linked. I'll try them.
I would have thought that this is something that many NodeBB developers (those that want to use the NodeBB API) would have seen and learned to address in a standard way.
-
Ok. I find this interesting, and it better helps me to understand @julian
https://stackoverflow.com/questions/45975135/access-control-origin-header-error-using-axiosThe "site" that I am calling from is likely my "react app" which is running at http://localhost:3000
Of specific interest is this persons description
https://stackoverflow.com/a/64137023However this also explains why I thought "*" should work as in the following:
app.get('/hello', function (req, res) { res.header("Access-Control-Allow-Origin", "*"); res.send('Hello World'); })I've developed such node express services before, and have always used this practice when I want to allow cross origin requests on the localhost.
-
I also like the "nginx" option. I may try this eventually.
In fact the example shown in the link above is exactly the scenario I am using with NodeBB's API.
-
Yay!! It worked when I used the ACP to set the Access-Control-Allow-Origin field to http://localhost:3000.
I would recommend looking at allowing "*". This is a common CORs practice, particularly in a development environment.
