Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Apollo Server Express - CORS issue

See original GitHub issue

According to the Apollo docs for Express, the way to enable CORS is in the .applyMiddleware({app}) function I have tested this and it doesn’t work. My setup is exactly the same as this: https://github.com/apollographql/apollo-server/tree/master/packages/apollo-server-express#express except that the applyMiddleware now looks like this:

server.applyMiddleware({
  app,
  cors: {
    credentials: true,
    origin: new RegExp("/*/")
  }
})

Still, on my frontend I get a CORS error:

“Access to fetch at ‘https://blablabla.now.sh/graphql’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.”

I’m going crazy trying to figure this out - any ideas how to make it work?

Issue Analytics

State:
Created 4 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

9reactions

miliu99commented, Apr 25, 2020

OK, I got it working now. It turns out the error message is completely unrelated to my problem - it has nothing to do with CORS. In my case, it had included a file from wrong path. If I had looked at the CloudWatch log, I would have figured it out right away, but I was misled by the message and looking for CORS all the time. I could have deleted my previous post, but i think it might help somebody down the road running into similar problems. So, check the CloudWatch log first!

3reactions

abernixcommented, Mar 18, 2020

I don’t believe this is a problem with Apollo Server. The express integration directly passes the options to cors:

https://github.com/apollographql/apollo-server/blob/53f9021923f0cb74c5df730f38e1217e85a9ffed/packages/apollo-server-express/src/ApolloServer.ts#L174-L179

Please consider the suggestion from @nikhilunni511 or investigate the problem more generically outside of the context of Apollo Server itself, or provide a reproduction indicating that it’s unique to Apollo Server’s usage of the cors module.