CORS problem with backend http url
How can avoid cors problem with http backend url using NotificationContext in Client side?
9 Replies
Hi @_7eo., I'm an AI assistant for Novu. While a team member reviews this question, I'll see if I can find relevant sources for your question.
-----------------------------
While I generate an answer, here are some sources that might be helpful:
* API Overview
* API Reference
* Overview
* React Get Started
-----------------------------
Answer
To avoid CORS problems when using Novu with an HTTP backend URL on the client side, it's crucial to ensure that your backend is properly configured to handle CORS (Cross-Origin Resource Sharing) requests. For Novu specifically, it's important to note that their API and backend SDK are intended for use exclusively in server-side applications. Attempting to use them in a client-side application will result in CORS errors to maintain the security and integrity of their services (1) .
When setting up your server to handle CORS, you can use libraries such as
cors in Node.js to explicitly set allowed origins, methods, and headers. Here's a basic example of how to configure CORS in an Express.js server which is a common backend framework:
This configuration allows your backend to accept requests from the specified origin, which should match your client application's URL to avoid CORS errors. Ensure that the
origin in corsOptions aligns with the domain from which you're making requests to the backend.
Additionally, for any requests made from the Novu Notification Center on the client side, make sure they are directed to a server-side endpoint that handles these requests and communicates with Novu's APIs. This approach helps to avoid exposing sensitive keys and encountering CORS issues related to direct browser-to-API communications.
Remember, if you're self-hosting Novu and modifying its configurations, you should ensure that CORS settings are properly adjusted in your deployment to allow for communication between your client-side application and the Novu backend services (2) .
By following these practices, you can effectively manage CORS issues in your application when integrating Novu on the client side.@_7eo. was the solution above helpful?
@_7eo.
Are you using custom backend and socket url?
https://docs.novu.co/notification-center/client/react/get-started#use-your-own-backend-and-socket-url
or using self hosting api directly in client side?
custom backend and sockect url
but the Notification Context makes call to my backend from client side
and i having cors problems
because my novu hosting is using http protocol
and i dont like the idea of show my backend ulrs in the client
so, i was thinking in makes my own redux store for using notifications and use the novu api in my backend
in this scenario i dont know how could configure socket services and hmac encryption in my backend
@_7eo. have you hosted your web application on https and using self hosted novu version on http
if yes, then CORS error will occur. I feel this is not Novu specific error rather a common security issue
afiramtive!!!!
@_7eo., you just advanced to level 3!
afirmative i mean
i will try to host novu over https
with nginx