Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Do you need app.options and app.use(cors()); ??
See original GitHub issueHi,
I have a client that is getting a CORS error for preflight. So, we added the"app.options", in addition to the app.use. Do we need to add both for all routes? (nodeJS with Express).
Code in the main JS file in node. This is executed prior to any routes:
app.options('*', cors()) // include before other routes
app.use(cors()); // Header support for Express
Is this redundant? Will the second line cause the preflight to fail or are both necessary? We have a client that is failing the preflight with both Chrome and Edge.
Thanks! Steve
Issue Analytics
- State:
- Created a year ago
- Comments:7 (1 by maintainers)
Top Results From Across the Web
Express cors middleware
CORS is a node.js package for providing a Connect/Express middleware that can be used to enable CORS with various options.
Read more >what does app.use(cors()) do?
Calling use(cors()) will enable the express server to respond to preflight requests. A preflight request is basically an OPTION request sent ...
Read more >Using CORS in Express
Cross-origin resource sharing (CORS) allows AJAX requests to skip the Same-origin policy and access resources from remote hosts. In this post I will...
Read more >How to use CORS in Node.js with Express
Let's create a very basic Express HTTP server endpoint that serves a GET response. Make sure you have Node.js runtime installed and run...
Read more >NodeJS CORS Guide: What It Is and How to Enable It
I 'll then walk you through how you can enable CORS in your NodeJS application. You can also learn more about the basics...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Hi, I had a feeling that was the case. We only used app.use(cors());, but then out of nowhere, a client of ours is having preflight failure and can’t use our platform. We added the app.options(‘*’, cors()) as a precaution to the preflight issues but they are still having preflight issues in both Chrome and Edge. We are trying to make sure everything on the server side is solid. We have never seen this before and then there is a preflight failure…out of nowhere. There is nothing more we can do on our side, other than suggest a plugin for the client., which is not the best option.
What other options should we pursue if the client is still failing? This is the Chrome error (real web address changed) : ‘https://sampleapi.com/me’ from origin ‘https://sampleeapp.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’
Any help on this would be appreciated!
thanks. Steve
@sinclas I am having similar issues. Any updates? I actually can see that my server is not providing the “allow-control-access-origin” header. This only happened when I enabled credentials. I also have this issue with edge, firefox, and chrome"