Helpex - Trao đổi & giúp đỡ Đăng nhập

NodeJS Express platform. Using Zeit Now 2. Cannot use server.js as proxy to send from backend to prevent CORS. So, nor wrestling with CORS problems. Tested desktop: chrome, safari, firefox. Mobile: chrome, firefox. Have tested to host on Now with HTTPS, same error as I get locally on both localhost:3000 and, same using port 80.

Access to fetch at 'https://**MY_URL**/user/login' from origin '' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

I use to set my CORS configs:

  'allowedHeaders': ['Content-Type', 'API-Key', 'API-Secret', 'Access-Control-Allow-Headers'', 'accept', 'client-security-token'],
  'exposedHeaders': ['sessionId'],
  'origin': '*',
  'preflightContinue': false,
  'credentials': true

The CORS settings doesn't seem to work for my, so I tried with the now.json file, like this (trimmed veersion):

  "name": "my-test-api",
  "version": 2,
  "routes": [
     "src": "/.*",
     "methods": ["GET", "POST", "OPTIONS"],
     "headers": { "Access-Control-Max-Age": "1000", "Access-Control-Allow-Methods": "GET, HEAD, PUT, PATCH, POST, DELETE, OPTIONS", "Access-Control-Allow-Origin": "*", "Accept": "text/plain", "Content-Type": "text/plain", "Access-Control-Allow-Headers": "sessionId, Content-Type, API-Key, API-Secret, Access-Control-Allow-Headers", "Access-Control-Expose-Headers": "sessionId", "Access-Control-Allow-Credentials": "true" },
     "continue": true
    { "src": "/user/login", "methods": ["POST"], "dest": "index.js" }

Even added statusCode 200 to all my responses, but without any success. Removing the Npm-cors-package won't change anything, but removing the Now.json totally destroys stuff, and I get this error, from MDN even though I have it specified in my app.use(cors()).

Not really sure what to do, have been struggeling with this forever. No problem with cURL or other hosts where I can use backend proxy.

9 hữu ích 3 bình luận 19k xem chia sẻ

You may need to enable pre-flight requests for your route


app.options('/post/login', cors()) // enable pre-flight requests'/post/login', (req, res, next) => {
    // your code here

or for all routes

app.options('*', cors())
7 hữu ích 2 bình luận chia sẻ

You can set the HTTP status of the pre-flight response.

app.options('*', function (req,res) { res.sendStatus(200); });
2 hữu ích 0 bình luận chia sẻ

I got this cryptic error when the preflight (OPTIONS) request returned a 404. I eventually found I was using an incorrect path, and my router (Golang httprouter) 404s OPTIONS for non-existent routes.

0 hữu ích 0 bình luận chia sẻ

you can use nginx's reverse proxy to proxy your 80 port's requests to 3000 port and it will work fine

0 hữu ích 0 bình luận chia sẻ

Please try by adding one line and remove your old cors config from express and now.json


That’s it. CORS is now enabled. If you make a request to your app, you will notice a new header being returned: Access-Control-Allow-Origin: *

0 hữu ích 0 bình luận chia sẻ


    .then(response => {
      const $ = cheerio.load(;
-1 hữu ích 0 bình luận chia sẻ
Không tìm thấy câu trả lời bạn tìm kiếm? Duyệt qua các câu hỏi được gắn thẻ node.js express , hoặc hỏi câu hỏi của bạn.

Có thể bạn quan tâm