darkness___.
CORS Blocking When Deployed on Railway
app.use(function (req, res, next) {
res.setHeader(
"Access-Control-Allow-Origin",
process.env.FRONTEND_URL as string
);
res.setHeader("Access-Control-Allow-Credentials", "true");
res.setHeader("Access-Control-Max-Age", "1800");
res.setHeader("Access-Control-Allow-Headers", "content-type");
res.setHeader(
"Access-Control-Allow-Methods",
"PUT, POST, GET, DELETE, PATCH, OPTIONS"
);
next();
});
app.use(
cors({
origin: process.env.FRONTEND_URL,
credentials: true,
})
);
app.use(function (req, res, next) {
res.setHeader(
"Access-Control-Allow-Origin",
process.env.FRONTEND_URL as string
);
res.setHeader("Access-Control-Allow-Credentials", "true");
res.setHeader("Access-Control-Max-Age", "1800");
res.setHeader("Access-Control-Allow-Headers", "content-type");
res.setHeader(
"Access-Control-Allow-Methods",
"PUT, POST, GET, DELETE, PATCH, OPTIONS"
);
next();
});
app.use(
cors({
origin: process.env.FRONTEND_URL,
credentials: true,
})
);
Access to XMLHttpRequest at 'https://<app_name>.up.railway.app/' from origin 'https://frontend.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://frontend.app/' that is not equal to the supplied origin.
Access to XMLHttpRequest at 'https://<app_name>.up.railway.app/' from origin 'https://frontend.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://frontend.app/' that is not equal to the supplied origin.
4 replies