Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

CORS "It does not have HTTP ok status."

NodeJS Express platform. Using Zeit Now 2. Cannot use server.js as proxy to send from backend to prevent CORS. So, nor wrestling with CORS problems. Tested desktop: chrome, safari, firefox. Mobile: chrome, firefox. Have tested to host on Now with HTTPS, same error as I get locally on both localhost:3000 and 127.0.0.1:3000, same using port 80.

Access to fetch at 'https://**MY_URL**/user/login' from origin 'http://127.0.0.1:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

I use https://www.npmjs.com/package/cors to set my CORS configs:

app.use(cors({
  'allowedHeaders': ['Content-Type', 'API-Key', 'API-Secret', 'Access-Control-Allow-Headers'', 'accept', 'client-security-token'],
  'exposedHeaders': ['sessionId'],
  'origin': '*',
  'methods': 'GET, HEAD, PUT, PATCH, POST, DELETE, OPTIONS',
  'preflightContinue': false,
  'credentials': true
}));

The CORS settings doesn't seem to work for my, so I tried with the now.json file, like this (trimmed veersion):

{
  "name": "my-test-api",
  "version": 2,
  "routes": [
    {
     "src": "/.*",
     "methods": ["GET", "POST", "OPTIONS"],
     "headers": { "Access-Control-Max-Age": "1000", "Access-Control-Allow-Methods": "GET, HEAD, PUT, PATCH, POST, DELETE, OPTIONS", "Access-Control-Allow-Origin": "*", "Accept": "text/plain", "Content-Type": "text/plain", "Access-Control-Allow-Headers": "sessionId, Content-Type, API-Key, API-Secret, Access-Control-Allow-Headers", "Access-Control-Expose-Headers": "sessionId", "Access-Control-Allow-Credentials": "true" },
     "continue": true
    },
    { "src": "/user/login", "methods": ["POST"], "dest": "index.js" }
  ]
}

Even added statusCode 200 to all my responses, but without any success. Removing the Npm-cors-package won't change anything, but removing the Now.json totally destroys stuff, and I get this error, from MDN even though I have it specified in my app.use(cors()).

Not really sure what to do, have been struggeling with this forever. No problem with cURL or other hosts where I can use backend proxy.

like image 286
sfsefsf33fs3fs3fs Avatar asked Aug 24 '19 17:08

sfsefsf33fs3fs3fs


2 Answers

You can set the HTTP status of the pre-flight response.

app.options('*', function (req,res) { res.sendStatus(200); });
like image 89
Guillaume Adam Avatar answered Nov 18 '22 09:11

Guillaume Adam


You may need to enable pre-flight requests for your route

app.use(cors())

app.options('/post/login', cors()) // enable pre-flight requests
app.post('/post/login', (req, res, next) => {
    // your code here
});

or for all routes

app.options('*', cors())
like image 24
Jon Marcello Avatar answered Nov 18 '22 09:11

Jon Marcello