Reputation: 53
How to configure properly CORS on sailsjs api
My app is consisting from angularjs on frontend and sailsjs on backend. I am trying to configure CORS on my backend, but without success. I want that backend on address api.example.com is accessible only from frontend from address blog.example.com. My settings on sails config/cors.js are:
allRoutes: false,
origin: 'http://blog.example.com',
credentials: true,
methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',
headers: 'content-type'
Result is, that my backend is freely accessible if I type to browser address bar api.example.com, but NOT from my frontend! In Chrome I get answer: "The 'Access-Control-Allow-Origin' header contains the invalid value ' '", Firefox sends just empty Response Body. I tried to configure cors in config/routes.js too, but also no success. Any help is appreciated!
Upvotes: 1
Views: 415
Answers (1)
Reputation: 5979
You want allRoutes: true unless your enabling cors on a route by route basis.
http://sailsjs.org/documentation/concepts/security/cors
Upvotes: 2
Related Questions
- Sails, React and Axios Error with CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
- CORS for AWS API Gateway return HTTP 500
- How to enable CORS in Sails.js on OpenShift
- Sailsjs CORS 'Access-Control-Allow-Origin' issue
- SailsJS - CORS - The 'Access-Control-Allow-Origin' header contains the invalid value ''
- Call REST API in Sails js
- Sails.js global CORS config not working, per-route is
- How to CORS Allow Headers in Sails
- Sails/Angular Cross-Origin Request Blocked
- sailsjs cors bad request still getting through to controller