No 'Access-Control-Allow-Origin' react express docker app
I have been able to do this before with the following configuration:
app.use((req, res, next) => { const origin = req.get('origin'); // TODO Add origin validation res.header('Access-Control-Allow-Origin', origin); res.header('Access-Control-Allow-Credentials', true); res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE'); res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, Cache-Control, Pragma'); // intercept OPTIONS method if (req.method === 'OPTIONS') { res.sendStatus(204); } else { next(); }});
As you can see in my case I was allowing more methods than only the GET
one and added additional allowed headers (such as the Authorization
one that I needed in this case), notice that in your case you specified only X-Requested-With
and Content-Type
, but you might as well need the Origin
one if you want to validate the origin.
I am as well intercepting the OPTIONS
request to avoid sending additional data in that case.