0

I am using the cors module from npm and set CORS to be enabled for any traffic. My code snippet looks something like this.

const express = require('express');
const cors = require('cors');
const app = express();

// express app to use cors
app.use(cors())

When I used an external client (Vue) to access my login API from my Node.JS server, I got an error saying

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.

If I'm not wrong, instantiating cors without any options would permit all request regardless of origin. What went wrong here?

Darkrum
  • 1,325
  • 1
  • 10
  • 27
Chua Bing Quan
  • 35
  • 1
  • 2
  • 7
  • Possible duplicate of [CORS 403 error Angular and Express](https://stackoverflow.com/questions/22168850/cors-403-error-angular-and-express) – Burdy Jul 23 '17 at 04:12

1 Answers1

0

Did you try enabling CORS Pre-Flight?

Certain CORS requests are considered 'complex' and require an initial OPTIONS request (called the "pre-flight request")

app.options('*', cors())
Iñigo
  • 1
  • 2
  • Hi, thanks for your reply. I changed my code to enable CORS for all pre-flight requests as per your suggestion, however, I am still getting the same error that I've mentioned in my original question (I used app.options('*', cors())) before any of my routes. – Chua Bing Quan Jul 25 '17 at 00:40