Edit: Yes, I've tried all the possible solutions suggested in other threads here. None of them seem to work for me. So before marking this question as duplicate, please look into my explanation. Thanks. Also, I'm using adal-node npm module for Azure AD Authentication.
I'm trying to resolve the CORS error thrown by my webapp hosted on Azure.
I've my frontend written in Angular 6 (runs on Apache Tomcat server) and have hosted it as an App Service on Azure and I've my backend written in Node.Js (runs o Node server) which is again hosted as another App Service in Azure. My Node.Js code calls some APIs from Netsuite and modifies the data as needed and sends back to Angular frontend.
So when the user first hits the dashboard URL of frontend (xxxx.azurewebsites.net/login), there's a minimal login button, on hitting which an API in my Node.Js backend will be called and here my authentication with the Azure Active Directory takes place. On successful login, the user has to be redirected to dashboard screen of frontend. But here, I'm being thrown this error:
Access to XMLHttpRequest at 'https://login.microsoftonline.com/...redirect_uri=https://xxxxx.azurewebsites.net/forecastSummary...' from 'https://yyyyy.azurewebsites.net/') from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header present on the requested resource.
I've already added the headers in my Node.Js backend as shown below:
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Credentials', true);
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Authorization, Content-Type, Accept');
res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
next();
});
Plus, I also separately tried enabling CORS setting available in the Azure App Service by using the wildcard '*'. Neither does that seem to be working.
P.S: I can't attach screenshots or pictures supporting the problem since my SO reputation is low.
