CORS not working on apollo-server-express

Question

Package: apollo-server-express

Version: v2.6.0

Issue: CORS settings aren't taking effect.

Reported to Apollo?: Yes, Issue 3058

Description: From our react client, we started sending apollographql-client-name & apollographql-client-version headers for better client awareness in Apollo Engine.

Access to fetch at 'https://something.com/graphql' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field apollographql-client-name is not allowed by Access-Control-Allow-Headers in preflight response.

We receive above CORS error. We enabled cors on Apollo Server through express middleware by passing cors: true. For some reason, this changes are not making any difference. We continue to receive above error.

const server: ApolloServer = new ApolloServer({
...
...
});

const app: Application = express();

server.applyMiddleware({
   app,
   cors: true,
   path: '/graphql',
});

• We have nginx sitting in front and it does receive request and forwards to Apollo Server.
• cors: true enables everything by default?
• We tried being very specific but that didn't help either.

cors: {
   origin: true,
   allowedHeaders: ['Authorization', 'Content-Type', 'apollographql-client-name']
},

Any inputs and suggestions are welcome!

Answer 1

Issue is resolved.

We had kubernetes ingress layer on top of our Apollo Server and that's what was causing changes not to reflect. After we enabled cors on nginx ingress, we were able to make successful calls.