I need to use CORS node module in React created using create-react-app utility.
Since its a utility I am not able to tweak inside and inject CORS into preconfigured EXPRESS module.
How can we achieve this?
Asked
Active
Viewed 6.6k times
37
Penny Liu
- 15,447
- 5
- 79
- 98
Swapnil Kadu
- 589
- 1
- 8
- 12
-
1you have to use this plugin: https://www.npmjs.com/package/cors – challenger Dec 20 '17 at 09:39
-
2I knew that, but I am unable to integrate it with **create-react-app** :-( – Swapnil Kadu Dec 21 '17 at 09:18
-
1@challenger you don't have to use that. See my answer below. – Ian Smith Jun 01 '20 at 01:36
-
CORS: Cross-Origin Resource sharing,If which means, we can't access resources on ABC, com from XYZ.com. Solution : For CORS issue fix needs to apply on server not on client side – Bhagvat Lande Jul 28 '22 at 09:08
4 Answers
32
If you are needing this for development and wanting to access an api from your react app but getting an error like this-
Failed to load http://localhost:8180/tables:
The 'Access-Control-Allow-Origin' header has a value 'http://localhost:8180'
that is not equal to the supplied origin. Origin 'http://localhost:3000' is
therefore not allowed access. Have the server send the header with a valid
value, or, if an opaque response serves your needs, set the request's mode to
'no-cors' to fetch the resource with CORS disabled.
then you can get the create-react-app server to proxy your request to your api server quite easily.
create-react-app uses the webpack development server to serve your react app.
So if your react app is being served from http://localhost:3000 and the api you want to connect to is at http://localhost:8180/tables you can simply add a proxy value into your react app's package.json file like this-
proxy: "http://localhost:8180",
then from your react app call your api like
fetch('/tables').then(....)
the request will be sent to the create-react-app server which will send it on to the api server and return the results for you.
Full details here Proxying API Requests in Development
-
1Thanks for the answer but the link has changed. New one is : https://facebook.github.io/create-react-app/docs/proxying-api-requests-in-development – Rick Feb 01 '19 at 11:04
-
33What about if the api is hosted in another domain? This seems like for the same domain – samayo Aug 02 '19 at 16:45
-
-
1@EnricoBorba I was wrong and deleted my answer, I thought you could utilize the hosts file and spoof a domain to localhost.. – Ian Smith Sep 04 '20 at 04:16
-
@samayo See [the linked answer](https://stackoverflow.com/a/64641435/1705829) point 6 for CORS in another domain. Just use the other domain: `"proxy":"http://my-domain"` – Timo Jan 10 '23 at 07:01
12
SIMPLER SOLUTION IS:
Because the server from create-react-app is only used during development, then you can use additional extensions on each browser to resolve the issue. Here are some extensions that you can use to solve CORS problems during development stage:
There is Whitelist features that can use to activated the extension in only specified websites. So don't worry about the security.
Of course, at the
productionstage you can solve CORS problems on your respective server, so at this stage, the browser extension is no longer needed.
Laode Muhammad Al Fatih
- 3,994
- 1
- 18
- 32
-
1Wouldn't using these extensions be deemed unsafe since you disable CORS for all websites then? – Cathal Mac Donnacha Jul 07 '21 at 18:24
-
@ReturnOfTheMac there is a whitelist feature that you can use, so that the extension only runs on some of the sites listed. – Laode Muhammad Al Fatih Jul 09 '21 at 06:15
-
It says, ** When CORS is allowed in your browser, for the following domains, CORS is disabled. ** means, only listed domains get blocked. – Thushara Buddhika Jan 11 '22 at 11:39
1
When cors issue is encountered in create-react-app all you need to do is set the proxy key in the package.json file. The proxy is pointed to the endpoint you want to interact with,note proxy doesn't work in production you have to explicitly set an endpoint to interact with.
For more checkout: https://create-react-app.dev/docs/proxying-api-requests-in-development
{
"name": "app",
"version": "0.1.0",
"private": true,
"dependencies": {
"react-dom": "^18.0.0",
"react-query": "^3.39.2",
"react-router": "^6.3.0",
"react-router-dom": "^6.3.0",
"react-scripts": "5.0.0",
"uuid": "^8.3.2",
"web-vitals": "^2.1.4"
},
"proxy": "http://127.0.0.1:8000",
"scripts": {
"start": "react-scripts start",
"build": "react-scripts build",
"test": "react-scripts test",
"eject": "react-scripts eject"
},
"eslintConfig": {
"extends": [
"react-app",
"react-app/jest"
]
},
"browserslist": {
"production": [
">0.2%",
"not dead",
"not op_mini all"
],
"development": [
"last 1 chrome version",
"last 1 firefox version",
"last 1 safari version"
]
}
}<script src="https://cdnjs.cloudflare.com/ajax/libs/react/16.6.3/umd/react.production.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/react-dom/16.6.3/umd/react-dom.production.min.js"></script>
Code ninja
- 181
- 1
- 5
0
CORS: Cross-Origin Resource sharing, which means, we can't access resources on ABC.com from XYZ.com.
Solution: For the CORS issue fix needs to apply on the server not on the client side
ABC.com needs to allow XYZ.com to access resources.
Bhagvat Lande
- 1,392
- 3
- 17
- 34