I have a vue app deployed statically. It makes requests to a server that is hosted on another url.
When making API requests. The vue app gets cors errors:
Access to XMLHttpRequest at 'https://ALB_URL' from origin
'HTTPS://APIGATEWAYURL' has been blocked by CORS policy: No
'Access-Control-Allow-Origin' header is present on the requested resource.
The problem is that I get these cors errors even if the server behind the AWS ALB is down. I have confirmed with AWS support the ALB just naively forwards requests to the server and does zero CORS handling.
I then confirmed I could see options requests that should check for CORS permissions when going to youtube. Then I went to my page, and found out that zero options requests were being sent.
How can I have my vue application make an options request to the server so it can see it is allowed to make requests to it? It currently is making axios requests with the with Credentials flag as auth cookies are in the header.
axios
.get(
"https://ALBURL",
{
withCredentials: true,
}
)
I do not want to do a production proxy if at all possible as that will be extremely difficult for infrastructure reasons.
I would greatly appreciate any help.