CORS Access-Control-Allow-Origin for https
Question
I have a two part app,
- an https api server on aws eb, using cloudfront
- an https aws s3 angular front end, using cloudfront
I have set res.setHeader('Access-Control-Allow-Origin', '*'); in the API app.js, and can access the API manually without a problem.
However when using the webapp I get the following error No 'Access-Control-Allow-Origin' header is present.
It worked when I was using http, but using https from cloudfront distributions I get the error.
Any help or pointers of what to read would be appreciated.
1 answers
solution1
0 ACCPTED 2019-12-09 02:46:59
First check if the origin returns the "Access-Control-Allow-Origin" header by running a curl command similar to the following:
curl -H "origin: example.com" -v "https://api.example.com/hello"
HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Mon, 01 May 2018 03:06:41 GMT
Content-Type: text/html
Content-Length: 3770
Last-Modified: Thu, 16 Mar 2017 01:50:52 GMT
Connection: keep-alive
ETag: "58c9ef7c-eba"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Second, Check to see if the cloudfront distributions to allow GET, HEAD, OPTIONS http methods.
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/no-access-control-allow-origin-error/
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.