Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
r
Rahat_Rock
02/25/2023, 2:28 PMHeyy,
We have a nest.js application deployed on Railway.
In the frontend we have next.js deployed on Vercel.
In the backend CORS is set like this
app.enableCors({
origin: [
'*',
'http://localhost:3001',
'http://localhost:3000',
'https://*.vercel.app',
'https://*.vercel.app/*',
],
allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
credentials: true,
});r
rp
02/25/2023, 2:30 PMHey @Rahat_Rock
Can I see the response headers in the OPTION Api? And does that actual request get made post that?
r
Rahat_Rock
02/25/2023, 2:33 PMHere is the options API headers
r
rp
02/25/2023, 2:34 PMHmmm. That’s odd
I’m not sure. This is a cors setting. You should ask in the support of your web framework being used.
r
Rahat_Rock
02/25/2023, 2:36 PMOkay there was two preflights, one passed, one failed,
and actual request gets CORS errored
Yeah This is really confusing man -_-
r
rp
02/25/2023, 2:37 PMIs the supertokens middleware before or after the cors?
r
Rahat_Rock
02/25/2023, 2:37 PMBefore
r
rp
02/25/2023, 2:38 PMMove the supertokens middleware to after the cors one and try again
r
Rahat_Rock
02/25/2023, 2:54 PMnope. doesn't work.
I think supertokens doesn't have proper support for vercel's dynamic url's
I can only test on production/non-dynamic urls
r
rp
02/25/2023, 2:55 PMThat warning has nothing to do with cors setting issues
r
Rahat_Rock
02/25/2023, 2:55 PMAhh.. 😐
okay
r
rp
02/25/2023, 2:55 PMSo you should see why the cors isnt applied before the middleware runs
r
Rahat_Rock
02/25/2023, 2:56 PMokay lemme try some things
Okay I just added this regular expression,
and It fixed CORS issues