Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Could someone help me with this CORS issue?
See original GitHub issueCould this issue be resolved with different configuration flag or is this an actual bug or unsupported?
Running http-server with the following:
npx http-server -p 3001 --cors
npx: installed 29 in 3.722s
Starting up http-server, serving ./
http-server settings:
CORS: true
Cache: 3600 seconds
Connection Timeout: 120 seconds
Directory Listings: visible
AutoIndex: visible
Serve GZIP Files: false
Serve Brotli Files: false
Default File Extension: none
Available on:
http://127.0.0.1:3001
http://10.216.156.5:3001
http://172.17.0.1:3001
When fetching the json files, the preflight check is failing.
[Tue Aug 24 2021 12:36:22 GMT-0400 (Eastern Daylight Time)] "OPTIONS /monitoring/mon_ui/assets/switch_monitoring_service_meta_data.json?_=1629823501368" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36"
[Tue Aug 24 2021 12:36:22 GMT-0400 (Eastern Daylight Time)] "OPTIONS /monitoring/mon_ui/assets/switch_overview.json?_=1629823501368" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36"
Errors in browser:
Access to XMLHttpRequest at ‘https://blah.cloudfront.net/monitoring/mon_ui/assets/switch_monitoring_service_meta_data.json?_=1629823501368’ from origin ‘https://app.blah.com’ has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
Access to XMLHttpRequest at ‘https://blah.cloudfront.net/monitoring/mon_ui/assets/switch_overview.json?_=1629823501368’ from origin ‘https://app.blah.com’ has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@thornjad
authorizationresolved the error!!! Thank you.PS: Wouldn’t it be better when user specify
--corsthe server should just, by default, make EVERYTHING CORS related to just work? 😃I can see the argument both ways, because allowing everything would make development easier, but is inherently less safe. The way it was built predates my involvement in the project, so I’m not entirely sure on the reasoning for the default allowed headers.