3

I created a REST Api using nodejs and mongodb and i wanted to test it in postman but while doing so I am getting a CORS error.

var express = require('express'); var log = require('morgan')('dev'); var bodyParser = require('body-parser'); var properties = require('./config/properties'); var db = require('./config/database.js'); //hero routes var herosRoutes = require('./api/heros/heros.routes'); var app = express(); //configure bodyparser var bodyParserJSON = bodyParser.json(); var bodyParserURLEncoded = bodyParser.urlencoded({extended:true}); //initialise express router var router = express.Router(); // call the database connectivity function db.mongoc(); // configure app.use() app.use(log); app.use(bodyParserJSON); app.use(bodyParserURLEncoded); // Error handling app.use(function(req, res, next) { res.setHeader("Access-Control-Allow-Origin", "*"); res.setHeader("Access-Control-Allow-Credentials", "true"); res.setHeader("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT"); res.setHeader("Access-Control-Allow-Headers", "Access-Control-Allow-Origin,Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Authorization"); next(); }); // use express router app.use('/api',router); //call heros routing herosRoutes.hero(router); // intialise server app.listen(properties.PORT, (req, res) => { console.log(`Server is running on ${properties.PORT} port.`); })

Whenever i make any create or get request, i get this CORS error in postman. How to solve this?

CORS Error: The request has been blocked because of the CORS policy

Improve this question
1

2 Answers 2

Reset to default
5

if someone is still having this issue, Postman doesn't provide an origin when calling the API, so when we have restricted CORS policy an error is generated saying Error: Not allowed by CORS.

Sample code for bypassing this issue is this:

const whitelist = ['https://localhost:3001'] const corsOptions = { origin: function (origin, callback) { if(!origin){//for bypassing postman req with no origin return callback(null, true); } if (whitelist.indexOf(origin) !== -1) { callback(null, true); } else { callback(new Error('Not allowed by CORS')) } } } app.use(cors(corsOptions));
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

Have you tried the CORS package from Express? It's a simple setup:

npm i cors

Then just use it in your app (this enables ALL CORS requests):

app.use(cors());

Docs

Also answered here.

Improve this answer

7 Comments

its a socket hangup error now, its taking a long time to get the response.
@HimanshuRanjan, Did you remove your previous app.use() for CORS under // Error handling?
@HimanshuRanjan, your router config is also strange. What does your herosRoutes file look like?
i did delete it but its still not responding.
github.com/Himanshuranjan30/RESTapi_nodejs Can you check the issue in my git please? its not that much of code @Ryan
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.