Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
"Access-Control-Allow-Origin" is not added to headers
See original GitHub issueIt started with having problem for CORS between my front-end (angular2) and back-end (expressjs). Some StackOverflow recommend to use cors-package (for answers in 2016 against those from 2013-2014).
I’ve used following configuration and CORS still not adding “Access-Control-Allow-Origin”:
cors = require('cors'),
const originsWhiteList = {
"http://localhost:3001": true // front-end development port
};
const corsOptions = {
origin: function(origin, callback) {
callback(originsWhiteList[origin] ? null : 'Bad Request', originsWhiteList[origin]);
},
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE']
}
.
.
.
// just right before other routes
app.use(cors(corsOptions));
app.options('/api/v1/*', cors());
this should be classified as bug, right ?
the exact error:
XMLHttpRequest cannot load http://localhost:3000/api/v1/todos. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:3001’ is therefore not allowed access. The response had HTTP status code 403.
Issue Analytics
- State:
- Created 7 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
the readme file state the second callback’s parameter is a boolean
So after spending the past week getting to know this module better to help maintain it–it turns out that both are correct. The second argument you give to the callback can actually be any valid value to the
originoption (so, an array, a string, a boolean, etc.).