-1

Trying to launch an app on Heroku that fetches a response from Okta but i'm getting a CORB error

Cross-Origin Read Blocking (CORB) blocked cross-origin response https://dev-493904.oktapreview.com/oauth2/default/v1/keys with MIME type application/json.

Is there any way to just enable the response to come through without creating a Express and NodeJS server?

I can't see any Webpack server settings I can alter to change the headers.

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
Christopher
  • 83
  • 1
  • 12

1 Answers1

0

Unfortunately you need a backend server to make requests that have CORS protection. You could try serving your code using a simple python server

python -m SimpleHTTPServer

but odds are you are going to need to implement CORS compliant requests.

Additionally, I would check if Okta has some sort of code sample for doing this in the frontend and you could copy that directly.

An easy way to do a sanity check is to try the request in Postman and use its code generation feature to try a successful request in your own codebase.

Faizan Virani
  • 134
  • 1
  • 11
  • What i'be found is its only in chrome it works fine in firefox. Its not a "CORS" error per say its a CORB on the response i get back from the API ( its a JSON object ). It's so frustrating. – Christopher Jan 30 '19 at 09:38
  • @ChristopherForrest — Sounds like you are trying to make a JSONP request. JSON is not JSONP and attempting to make a JSONP request for JSON will generate a CORB error. – Quentin Feb 01 '19 at 11:24