C. Lightner
Reputation: 33
Express middleware blocked by CORS policy (hitting authorization error for preflight OPTIONS request)
When this block is not present, my API works perfectly.
When I add this block in, I get a CORS error:
Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
What am I missing?
app.use((req, res, next) => {
try {
if (secret !== config.secret) {
throw new Error('Not Authorized')
} else {
next()
}
} catch (err) {
next(err)
}
});
Upvotes: 1
Views: 277
Answers (1)
sp00m
Reputation: 48817
Make sure the error is not thrown if the request's method is OPTIONS:
if (req.method !== "OPTIONS" && secret !== config.secret) {
throw ...
}
See https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request.
Upvotes: 1
Related Questions
- CORS in OAuth: Response to preflight request doesn't pass access control check
- Access to XMLHttpRequest has blocked by cors Policy:Response to preflight request doesn't pass access control check
- Getting express server to accept CORS request
- "No 'Access-Control-Allow-Origin' header is present on the requested resource" error even though I have the appropriate CORS middleware in place
- Method Options is not allowed in preflight response
- Trying to use express middleware to serve third party API requests
- express JS cors middleware does not work when server is accessed though fetch request
- Enabled CORS in node/express but getting "Response to preflight request doesn't pass access control check"
- Node + Express server not responding after OPTIONS preflight request
- Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.