CORS 502 Bad Gateway, AWS Elastic Beanstalk Node.js server, despite proper CORS configuration

Question

Im having an extremely hard time trying to figure this CORS issue out. I uploaded my node.js code to a server on Elastic Beanstalk. Its supposedly running normally but I cant make a requests because of 502 Bad gateway.

My website works fine locally. Im freaking out because I have to launch this site in like a week and I want to test it online first.

OPTIONS http://example.us-east-2.elasticbeanstalk.com/api/users/signin 502 (Bad Gateway)

www.example.com/:1 Failed to load http://example.us-east-2.elasticbeanstalk.com/api/users/signin: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.example.com' is therefore not allowed access.

Thats the error in google chrome console. The front end site is hosted on AWS S3. I belive i set the CORS config right in the bucket on AWS.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
<CORSRule>
    <AllowedOrigin>http://www.example.com</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
    <AllowedOrigin>http://www.example.com.s3-website.us-east-2.amazonaws.com</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
    <AllowedOrigin>http://example.com</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
    <AllowedOrigin>https://example.com</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

node code set response headers with expess

app.use((req, res, next) =>{
  res.setHeader('Access-Control-Allow-Origin', '*, www.example.com, example.com, www.example.com.s3-website.us-east-2.amazonaws.com');
  res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE, OPTIONS');
  next();
});

And just incase here is one of my request made in Angular

this.http.post<{userName: string, userId: string, token: string; expiresIn: number, userType: string }>(BACK_END_URL_USER + 'signin', signinData).subscribe(response => {
    // some code }

Any help in the right direction would save my life

Answer 1

I have since solved this issue.

turns out that the port on my code wasnt up to documentation for AWS's node platform.

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/nodejs-platform-proxy.html

this line in my server.js file.

const port = normalizePort(process.env.PORT || "3000");

The port was going to 3000. The PORT variable according to their documentation sets the port to the proper proxy/edge server port but was never doing it in my case.

So I ending up just changing the "or" port to 8081 which fixed my issue!

const port = normalizePort(process.env.PORT || "8081");