CORS issue

@kapa.ai i'm experiencing a CORS issue:

Access to XMLHttpRequest at 'https://api.elmossetgourmet.es/auth/me' from origin 'https://elmossetgourmet.es' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI
api.elmossetgourmet.es/auth/me:1

Failed to load resource: net::ERR_FAILEDUnderstand this errorAI
/checkout:1 Access to XMLHttpRequest at 'https://api.elmossetgourmet.es/operations/create-stripe-checkout-session' from origin 'https://elmossetgourmet.es' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI
index-C393RbYu.js:169 Error al procesar el pago: At {message: 'Network Error', name: 'AxiosError', code: 'ERR_NETWORK', config: {…}, request: XMLHttpRequest, …}
g @ index-C393RbYu.js:169
await in g
Oe @ index-C393RbYu.js:37
Ge @ index-C393RbYu.js:37
ct @ index-C393RbYu.js:37
S1 @ index-C393RbYu.js:37
A1 @ index-C393RbYu.js:37
(anonymous) @ index-C393RbYu.js:37
Sf @ index-C393RbYu.js:40
Ta @ index-C393RbYu.js:37
kh @ index-C393RbYu.js:37
nh @ index-C393RbYu.js:37
f4 @ index-C393RbYu.js:37Understand this errorAI
index-C393RbYu.js:78

POST https://api.elmossetgourmet.es/operations/create-stripe-checkout-session net::ERR_FAILED

My

middleware.ts

middleware.ts

import type { Application } from 'express'
import cors from 'cors'

export const configureMiddleware = (app: Application) => {
  // Habilitar CORS para todas las solicitudes
  app.use((req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
    res.header('Access-Control-Allow-Credentials', 'true')

    // Manejar solicitudes preflight OPTIONS
    if (req.method === 'OPTIONS') {
      return res.status(200).send()
    }
    next()
  })

  // Configuración específica para rutas de autenticación
  app.use('/auth/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Configuración específica para rutas de operaciones (incluyendo Stripe)
  app.use('/operations/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Middleware de CORS general como respaldo
  app.use(cors({
    origin: 'https://elmossetgourmet.es',
    credentials: true,
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'],
    preflightContinue: false,
    optionsSuccessStatus: 204
  }))
}

import type { Application } from 'express'
import cors from 'cors'

export const configureMiddleware = (app: Application) => {
  // Habilitar CORS para todas las solicitudes
  app.use((req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
    res.header('Access-Control-Allow-Credentials', 'true')

    // Manejar solicitudes preflight OPTIONS
    if (req.method === 'OPTIONS') {
      return res.status(200).send()
    }
    next()
  })

  // Configuración específica para rutas de autenticación
  app.use('/auth/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Configuración específica para rutas de operaciones (incluyendo Stripe)
  app.use('/operations/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Middleware de CORS general como respaldo
  app.use(cors({
    origin: 'https://elmossetgourmet.es',
    credentials: true,
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'],
    preflightContinue: false,
    optionsSuccessStatus: 204
  }))
}

Wasp•14mo ago•

24 replies

NEROX

CORS issue

middleware.ts

middleware.ts

import type { Application } from 'express'
import cors from 'cors'

export const configureMiddleware = (app: Application) => {
  // Habilitar CORS para todas las solicitudes
  app.use((req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
    res.header('Access-Control-Allow-Credentials', 'true')

    // Manejar solicitudes preflight OPTIONS
    if (req.method === 'OPTIONS') {
      return res.status(200).send()
    }
    next()
  })

  // Configuración específica para rutas de autenticación
  app.use('/auth/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Configuración específica para rutas de operaciones (incluyendo Stripe)
  app.use('/operations/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Middleware de CORS general como respaldo
  app.use(cors({
    origin: 'https://elmossetgourmet.es',
    credentials: true,
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'],
    preflightContinue: false,
    optionsSuccessStatus: 204
  }))
}

import type { Application } from 'express'
import cors from 'cors'

export const configureMiddleware = (app: Application) => {
  // Habilitar CORS para todas las solicitudes
  app.use((req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
    res.header('Access-Control-Allow-Credentials', 'true')

    // Manejar solicitudes preflight OPTIONS
    if (req.method === 'OPTIONS') {
      return res.status(200).send()
    }
    next()
  })

  // Configuración específica para rutas de autenticación
  app.use('/auth/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Configuración específica para rutas de operaciones (incluyendo Stripe)
  app.use('/operations/*', (req, res, next) => {
    res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es')
    res.header('Access-Control-Allow-Credentials', 'true')
    next()
  })

  // Middleware de CORS general como respaldo
  app.use(cors({
    origin: 'https://elmossetgourmet.es',
    credentials: true,
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'],
    preflightContinue: false,
    optionsSuccessStatus: 204
  }))
}

CORS issue

CORS issue

Similar Threads

Similar Threads

Similar Threads