Cant load my metadata from xpress server due to cors policy
Access to XMLHttpRequest at 'https://metaserver-production.up.railway.app/nfts/0' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This is a problem, how do I overcome this? Ty
8 Replies
Project ID:
f9302c62-de80-4dc2-86bb-1095312b9867f9302c62-de80-4dc2-86bb-1095312b9867
while developing locally, run your backend locally too and makes requests to the locally running backend
can't in this case, I found this solution, enable cors,
does this pose a security risk and will it work?
my server on railway:
const express = require("express");
const cors = require("cors");
const app = express();
const fs = require("fs");
const path = require("path");
app.use(cors()); // Enable CORS for all routes
this worked, image loads now, but is it such a big deal problem to have this enabled?
yeah a wildcard is definitely not the best idea
so, the only app thats going to be consuming these is my mint website, is there a way to let him pass the cors and block everything else?
actually, not really, I need this metadata available everywhere
I'm sorry but this is a little out of the scope of what these help threads are intended for
ok