passport ERROR : No "Access-Control-Allow-Origin" header is present

I am trying google signIn using angular2 and nodejs where angular2 and nodejs are running on 4200 and 3000 port respectively.So, when I click on SignIn with Google(button) it throws me an error as:

XMLHttpRequest cannot load https://accounts.google.com/o/oauth2/v2/auth?response_type=code&redirect_ur…d=287790791492-gjuv677chmkmqih4v1p6fc3jti32v76q.apps.googleusercontent.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

Although, I set headers on Node side...

I followed example on this link - https://github.com/kumartarun/JWT-with-Node-JS

How I solve this issue , will anyone please help me ??

Jun 27 '17 09:06 Smurfy303

You're running into a CORS issue. See more here: https://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource

Jun 27 '17 15:06 James-Quigley

Same issue. I can access if I use hyperlink, but with axios + sequelize, it's impossible

Nov 14 '17 01:11 serudda

You have to set up the correct CORS options: https://www.npmjs.com/package/cors, mainly 'origin' and 'credentials'

Jan 05 '18 20:01 bermick

Same issue, not working with CORS as mentioned by @bermick as well. @bermick , can you please provide correct CORS options

Feb 26 '18 08:02 Shailu4u

Try this, https://www.youtube.com/watch?v=L-hYd2DObTA&t=93s

Mar 23 '18 11:03 SEMeesha

I have a problem with - Origin 'null' is therefore not allowed access. Any ideas how to solve it? Angular 5 - http://localhost:4000; API - http://localhost:3000; 2018-06-26_1842

Jun 26 '18 15:06 YuriiZadorozhnyi

I also faced the same issue when I was using file path to run my file. It got solved on running on localhost.

Jul 05 '18 11:07 manjari188

@YuriiZadorozhnyi did you solved that issue?

Aug 08 '18 09:08 eshwarchettri

I faced the same issue, I think it due to the api you call

Aug 09 '18 08:08 smark-d

please, some example in angular consuming local api?

Aug 16 '18 14:08 FernandoIbaePLiborio

I am having same issue, is there any fix for this?

Sep 06 '18 21:09 Gennttii

I faced the same issue, and i tried SEMeesha solution but it did not work for me

Sep 07 '18 08:09 DangDuy612

In the Web Api (backend) inside the Web.config between the <system.webServer> </ system.webServer> tags, insert the http protocol ex:

`<system.webServer>

<httpProtocol>
  <customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Headers" value="Content-Type" />
    <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
  </customHeaders>
</httpProtocol>

</system.webServer> ` I hope I have helped someone

Sep 09 '18 16:09 FernandoIbaePLiborio

I have a problem with - Origin 'null' is therefore not allowed access. Any ideas how to solve it? Angular 5 - http://localhost:4000; API - http://localhost:3000;

I have the same error and 2 days I've spent for resolving but nothing work. Did you solve the problem?

Sep 25 '18 19:09 ManoogD

i have same problem Angularjs - localhost/symfonyjung/user.php symfony- localhost:8000.....

Failed to load http://localhost/symfonyjung/user.php: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access.

Sep 27 '18 15:09 leeejungmin

I faced the same issue. Please follow the link below. It may help. https://www.youtube.com/watch?v=F9pGJRiuxo0

Sep 28 '18 16:09 sravaisridhara94

Thank you! -----Original Message----- From: "sravaisridhara94"[email protected] To: "jaredhanson/passport"[email protected]; Cc: "JUNGMIN LEE"[email protected]; "Comment"[email protected]; Sent: 2018-09-29 (토) 01:43:28 Subject: Re: [jaredhanson/passport] ERROR : No "Access-Control-Allow-Origin" header is present (#582)

I faced the same issue. Please follow the link below. It may help. https://www.youtube.com/watch?v=F9pGJRiuxo0 — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

Oct 02 '18 03:10 leeejungmin

same issue here but I couldnt resolve it help?

Nov 03 '18 20:11 ghost

Same issue with CORS

Mar 10 '19 22:03 Matiyeu

In the Web Api (backend) inside the Web.config between the <system.webServer> </ system.webServer> tags, insert the http protocol ex:

`<system.webServer>
<httpProtocol>
  <customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Headers" value="Content-Type" />
    <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
  </customHeaders>
</httpProtocol>
</system.webServer> ` I hope I have helped someone

It works for POST and GET. for PUT getting the below error. Any thoughts

May 29 '19 02:05 vijayalaya

Your Google button need to be an <a href=""> tag. If you're using a button, to call you server with some lib (like axios), you will get a CORS issue through the redirects inside the flow

I didn't see your code, but maybe you can try check this.

Jun 27 '19 10:06 ifdouglas-zz

@ifdouglas, I am starting to develop react applications so I'm a complete noob here. Can you please explain the difference between using an anchor tag and submitting a form using axios?

How are the two different?

why do I get a CORS when submitting via axios?

I have a

frontend server: localhost:4000
backend server: localhost:3000

when I GET a form at localhost:3000/auth/google_oauth2 from frontend server, I get a CORS. To fix that, I set the response headers from the backend application - Access-Control-Allow-Origin : 'http://localhost:4000'. After that, the error in the browser console changed to :

Access to XMLHttpRequest at 'https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=<private_client_id>.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fgoogle_oauth2%2Fcallback&response_type=code&scope=email+profile&state=<some_state>' (redirected from 'http://localhost:3000/auth/google_oauth2') from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Jul 15 '19 14:07 dipunj

I need help with this problem too. In my web.config added this property, but I can't access to my API Help please, thanks.

<system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Headers" value="Content-Type" />
        <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>

Jul 23 '19 17:07 deivirobles

I have a problem with - Origin 'null' is therefore not allowed access. Any ideas how to solve it? Angular 5 - http://localhost:4000; API - http://localhost:3000;

Were you ever able to fix this? I have the null issue as well.

Jul 29 '19 02:07 hscanlan

https://codeburst.io/react-authentication-with-twitter-google-facebook-and-github-862d59583105

This article helped me.

Oct 11 '19 23:10 kanejoe

@ifdouglas, I am starting to develop react applications so I'm a complete noob here. Can you please explain the difference between using an anchor tag and submitting a form using axios?

How are the two different?

why do I get a CORS when submitting via axios?

I have a

frontend server: localhost:4000

backend server: localhost:3000

when I GET a form at localhost:3000/auth/google_oauth2 from frontend server, I get a CORS. To fix that, I set the response headers from the backend application - Access-Control-Allow-Origin : 'http://localhost:4000'. After that, the error in the browser console changed to :

Access to XMLHttpRequest at 'https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=<private_client_id>.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fgoogle_oauth2%2Fcallback&response_type=code&scope=email+profile&state=<some_state>' (redirected from 'http://localhost:3000/auth/google_oauth2') from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

same issue. any solutions ??

Oct 25 '19 18:10 riyastk

Access to script at 'https://maps.googleapis.com/maps/api/place/autocomplete/json?key=AIzaSyBv5031L1Eo21PtleqFAezQFXYCQQVZMF4&libraries=places&callback=initMap' from origin 'null' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Need Help Please :( :( :(

Jan 28 '20 13:01 nidhigadhavi

I also facing issues in when getting files from Azure blob storage.

Access to XMLHttpRequest at 'filepath' from origin 'https://localhost:5001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

can anyone share solution for this.

Feb 07 '20 20:02 kmkrish007

I still get this error when send post request via axios, local development with Ruby on Rails, Webpack as bundler for React as frontend

Feb 23 '20 05:02 dieulinh

This is happening because of the CORS (Cross Origin Resource Sharing) . You are doing an XMLHttpRequest to a different domain than your page is on. So the browser is blocking it as it usually allows a request in the same origin for security reasons. You need to do something different when you want to do a cross-domain request.

If you need to enable CORS on the server in case of localhost, you need to have the following on request header.

Access-Control-Allow-Origin: http://localhost:9999

If this is for local development and you are using Chrome , you need to run Chrome with a couple of arguments to relax security like this:

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-file-access-from-files --disable-web-security

passport passport copied to clipboard

ERROR : No "Access-Control-Allow-Origin" header is present

passport
passport copied to clipboard