fragordie
04/12/2022, 3:09 PMAccess to fetch at 'https://evt-api-dev.revod.cloud/auth/signinup/code' from origin 'http://localhost:8000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
evt-api-dev.revod.cloud/auth/signinup/code:1 Failed to load resource: net::ERR_FAILED
even though these are the allowed origins in the nestjs backend:
ts
app.enableCors({
origin: [
process.env.EVENTVM_BASE_URL,
'https://studio.apollographql.com',
'http://localhost:8000',
],
allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
credentials: true,
});
why's so?rp_st
04/12/2022, 3:27 PMcors
node package like so: https://github.com/supertokens/supertokens-node/blob/master/examples/express/with-thirdpartyemailpassword/index.js#L120fragordie
04/12/2022, 4:09 PMrp_st
04/12/2022, 4:10 PMfragordie
04/12/2022, 4:11 PMfragordie
04/12/2022, 4:11 PM