Cors subdomains

Hi, I have hard time implementing CORS into t3stack, I have two subdomains:
app.page.com
recruiter.page.com
app.page.com
recruiter.page.com
They are calling trpc that is on
page.com
page.com
This works on localhost but does not on vercel hosting, is there anything specific I have to do?
const cors = Cors();

function runMiddleware(req: NextApiRequest, res: NextApiResponse, fn: any) {
return new Promise((resolve, reject) => {
fn(req, res, (result: any) => {
if (result instanceof Error) {
return reject(result);
}

return resolve(result);
});
});
}

export function withCors(handler: NextApiHandler) {
return async (req: NextApiRequest, res: NextApiResponse) => {
await runMiddleware(req, res, cors);

return await handler(req, res);
};
}

export default withCors(
createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
onError:
env.NODE_ENV === "development"
? ({ path, error }) => {
console.error(
`❌ tRPC failed on ${path ?? "<no-path>"}: ${error.message}`
);
}
: undefined,
})
);
const cors = Cors();

function runMiddleware(req: NextApiRequest, res: NextApiResponse, fn: any) {
return new Promise((resolve, reject) => {
fn(req, res, (result: any) => {
if (result instanceof Error) {
return reject(result);
}

return resolve(result);
});
});
}

export function withCors(handler: NextApiHandler) {
return async (req: NextApiRequest, res: NextApiResponse) => {
await runMiddleware(req, res, cors);

return await handler(req, res);
};
}

export default withCors(
createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
onError:
env.NODE_ENV === "development"
? ({ path, error }) => {
console.error(
`❌ tRPC failed on ${path ?? "<no-path>"}: ${error.message}`
);
}
: undefined,
})
);
5 Replies
Unknown User
Unknown Userβ€’2y ago
Message Not Public
Sign In & Join Server To View
Jaaneek
JaaneekOPβ€’2y ago
@zeztron could you elaborate further? I changed the endpoint to one from T3stack docs
import { type NextApiRequest, type NextApiResponse } from "next";
import { createNextApiHandler } from "@trpc/server/adapters/next";
import { appRouter } from "~/server/api/root";
import { createTRPCContext } from "~/server/api/trpc";
import cors from "nextjs-cors";

const handler = async (req: NextApiRequest, res: NextApiResponse) => {
// Enable cors
await cors(req, res);

// Create and call the tRPC handler
return createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
})(req, res);
};

export default handler;
import { type NextApiRequest, type NextApiResponse } from "next";
import { createNextApiHandler } from "@trpc/server/adapters/next";
import { appRouter } from "~/server/api/root";
import { createTRPCContext } from "~/server/api/trpc";
import cors from "nextjs-cors";

const handler = async (req: NextApiRequest, res: NextApiResponse) => {
// Enable cors
await cors(req, res);

// Create and call the tRPC handler
return createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
})(req, res);
};

export default handler;
Working on localhost - not working on vercel I added those
async headers() {
return [
{
// matching all API routes
source: "/api/:path*",
headers: [
{ key: "Access-Control-Allow-Credentials", value: "true" },
{ key: "Access-Control-Allow-Origin", value: "*" },
{
key: "Access-Control-Allow-Methods",
value: "GET,OPTIONS,PATCH,DELETE,POST,PUT",
},
{
key: "Access-Control-Allow-Headers",
value:
"X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
},
],
},
];
},
async headers() {
return [
{
// matching all API routes
source: "/api/:path*",
headers: [
{ key: "Access-Control-Allow-Credentials", value: "true" },
{ key: "Access-Control-Allow-Origin", value: "*" },
{
key: "Access-Control-Allow-Methods",
value: "GET,OPTIONS,PATCH,DELETE,POST,PUT",
},
{
key: "Access-Control-Allow-Headers",
value:
"X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
},
],
},
];
},
into next.config.mjs and still nothing works on vercel 😦
Unknown User
Unknown Userβ€’2y ago
Message Not Public
Sign In & Join Server To View
Jaaneek
JaaneekOPβ€’2y ago
It's from official t3stack docs, I also tried normal cors package with nextjs middleware & right now I'm setting it manually by:
const handler = (req: NextApiRequest, res: NextApiResponse) => {
// Enable cors
// await cors(req, res);

res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Request-Method", "*");
res.setHeader("Access-Control-Allow-Methods", "*");
res.setHeader("Access-Control-Allow-Headers", "*");
if (req.method === "OPTIONS") {
res.writeHead(200);
return res.end();
}

// Create and call the tRPC handler
return createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
onError:
env.NODE_ENV === "development"
? ({ path, error }) => {
console.error(
`❌ tRPC failed on ${path ?? "<no-path>"}: ${error.message}`
);
}
: undefined,
})(req, res);
};

export default handler;
const handler = (req: NextApiRequest, res: NextApiResponse) => {
// Enable cors
// await cors(req, res);

res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Request-Method", "*");
res.setHeader("Access-Control-Allow-Methods", "*");
res.setHeader("Access-Control-Allow-Headers", "*");
if (req.method === "OPTIONS") {
res.writeHead(200);
return res.end();
}

// Create and call the tRPC handler
return createNextApiHandler({
router: appRouter,
createContext: createTRPCContext,
onError:
env.NODE_ENV === "development"
? ({ path, error }) => {
console.error(
`❌ tRPC failed on ${path ?? "<no-path>"}: ${error.message}`
);
}
: undefined,
})(req, res);
};

export default handler;
All of my tries works on localhost but not one of them on vercel Fixed, I was missing www. in my domain URL, only the URL with www. has the vercel headers, weird because I literally have it under the version without www as well
Mattèo
Mattèo‒12mo ago
Hi @Jaaneek, sorry to bother you, could you share the code snippet for this problem? Even if it's embedded in your project, just to see how you've implemented secure subdomain authentication
Want results from more Discord servers?
Add your server