Why doesn't adding CORS headers to an OPTIONS route allow browsers to access my API?
To answer your main question, the CORS spec only requires the OPTIONS call to precede the POST or GET if the POST or GET has any non-simple content or headers in it.
Content-Types that require a CORS pre-flight request (the OPTIONS call) are any Content-Type except the following:
application/x-www-form-urlencoded
multipart/form-data
text/plain
Any other Content-Types apart from those listed above will trigger a pre-flight request.
As for Headers, any Request Headers apart from the following will trigger a pre-flight request:
Accept
Accept-Language
Content-Language
Content-Type
DPR
Save-Data
Viewport-Width
Width
Any other Request Headers will trigger the pre-flight request.
So, you could add a custom header such as: x-Trigger: CORS
, and that should trigger the pre-flight request and hit the OPTIONS block.
See MDN Web API Reference - CORS Preflighted requests
How to enable CORS for nodejs Express server?
Your cors error message clearly says you need to use http when making the request
$.ajax({ type: "GET", url: "http://localhost:3000/send", beforeSend:function(){ $(".loading_msg").hide(); }, complete:function(){ $(".loading_msg").show(); }});
How to allow CORS in node.js?
Since you use nodejs
installing cors
npm install cors
After that
var express = require('express')
var cors = require('cors')
var app = express()
app.use(cors())
app.get('/products/:id', function (req, res, next) {
res.json({msg: 'This is CORS-enabled for all origins!'})
})
app.listen(80, function () {
console.log('CORS-enabled web server listening on port 80')
})
Then after applying "cors" middleware. You need to insert "http://" before "localhost: in your react app".
Example
axios.get(`http://localhost:3001/api/app`)
.then(res => {
console.log("res", res);
})
.catch(err => {
console.log("AXIOS ERROR:", err);
})
How to allow CORS with Node.js (without using Express)
This is because you are requesting a not-so-simple request, meaning it needs to handle preflight request which is made as an HTTP OPTIONS request (so be sure your server is able to respond to this method). The preflight request is a way of asking permissions for the actual request, before making the actual request. The server should inspect the two headers above to verify that both the HTTP method and the requested headers are valid and accepted.
Related Topics
Change Values in Array When Doing Foreach
Check If a Variable Is a String in JavaScript
Why Does Usestate Cause the Component to Render Twice on Each Update
Recursively Looping Through an Object to Build a Property List
How to Implement Routereusestrategy Shoulddetach for Specific Routes in Angular 2
How to Use Window.Postmessage Across Domains
How to Save Image from Canvas with CSS Filters
How to Curve/Arc Text Using CSS3/Canvas
Setting Href Attribute at Runtime
Get Average Color of Image via JavaScript
JavaScript Checking for Null VS. Undefined and Difference Between == and ===
How to Dodge Jquery Promises Completely When Chaining Two Async Jquery Functions
Event When Window.Location.Href Changes
How to Mock an Es6 Module Import Using Jest
Defer Execution for Es6 Template Literals