CD
Cloudflare Developers17mo ago
Msnfreaky

How do i call CF LB from pages?

Here is the current implementation, Pages - custom domain is dev.swami-domain.com and LB custom domain is api.swami-domain.com and i am calling the API from pages CORS issue. I have added _headers as below. Still getting CORS error. /* Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Allow-Headers: *
No description
7 Replies
Cyb3r-Jak3
Cyb3r-Jak317mo ago
The CORS headers need to come from the api.s-domain.com
Msnfreaky
MsnfreakyOP17mo ago
Access to XMLHttpRequest at 'https://api.s-domain.com/api/get_query' from origin 'https://dev.s-domain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, *, https://dev.s-domain.com', but only one is allowed. I am running nginx inside the pool instances
Cyb3r-Jak3
Cyb3r-Jak317mo ago
What does the OPTIONS response look like from https://api.s-domain.com/api/get_query
msngeeky
msngeeky17mo ago
No description
Cyb3r-Jak3
Cyb3r-Jak317mo ago
Access-Control-Allow-Origin is set to ','. Needs to be your domain
Msnfreaky
MsnfreakyOP17mo ago
After that change, add_header Access-Control-Allow-Origin https://dev.s-domain.com; I am getting the following error. Access to XMLHttpRequest at 'https://api.s-domain.com/auth/get_query' from origin 'https://dev.s-domain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed.
No description
Cyb3r-Jak3
Cyb3r-Jak317mo ago
Your CORS header seems to be *, *. You only need * Something is causing there to be weird access control allow origin header which is the reason that CORS is failing.

Did you find this page helpful?