WaspW
Wasp13mo ago
NEROX

CORS issue

@kapa.ai i'm experiencing a CORS issue:

Access to XMLHttpRequest at 'https://api.elmossetgourmet.es/auth/me' from origin 'https://elmossetgourmet.es' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI
api.elmossetgourmet.es/auth/me:1


Failed to load resource: net::ERR_FAILEDUnderstand this errorAI
/checkout:1 Access to XMLHttpRequest at 'https://api.elmossetgourmet.es/operations/create-stripe-checkout-session' from origin 'https://elmossetgourmet.es' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI
index-C393RbYu.js:169 Error al procesar el pago: At {message: 'Network Error', name: 'AxiosError', code: 'ERR_NETWORK', config: {}, request: XMLHttpRequest}
g @ index-C393RbYu.js:169
await in g
Oe @ index-C393RbYu.js:37
Ge @ index-C393RbYu.js:37
ct @ index-C393RbYu.js:37
S1 @ index-C393RbYu.js:37
A1 @ index-C393RbYu.js:37
(anonymous) @ index-C393RbYu.js:37
Sf @ index-C393RbYu.js:40
Ta @ index-C393RbYu.js:37
kh @ index-C393RbYu.js:37
nh @ index-C393RbYu.js:37
f4 @ index-C393RbYu.js:37Understand this errorAI
index-C393RbYu.js:78


POST https://api.elmossetgourmet.es/operations/create-stripe-checkout-session net::ERR_FAILED


My middleware.ts:

import type { Application } from 'express' import cors from 'cors' export const configureMiddleware = (app: Application) => { // Habilitar CORS para todas las solicitudes app.use((req, res, next) => { res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es') res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization') res.header('Access-Control-Allow-Credentials', 'true') // Manejar solicitudes preflight OPTIONS if (req.method === 'OPTIONS') { return res.status(200).send() } next() }) // Configuración específica para rutas de autenticación app.use('/auth/*', (req, res, next) => { res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es') res.header('Access-Control-Allow-Credentials', 'true') next() }) // Configuración específica para rutas de operaciones (incluyendo Stripe) app.use('/operations/*', (req, res, next) => { res.header('Access-Control-Allow-Origin', 'https://elmossetgourmet.es') res.header('Access-Control-Allow-Credentials', 'true') next() }) // Middleware de CORS general como respaldo app.use(cors({ origin: 'https://elmossetgourmet.es', credentials: true, methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'Origin'], preflightContinue: false, optionsSuccessStatus: 204 })) }
Was this page helpful?