json-server icon indicating copy to clipboard operation
json-server copied to clipboard

Published 20 hours ago verified publisher icon typicode

CORS Issue (Access-Control-Allow-Headers)

Open ericc-ch opened this issue 1 year ago • 1 comments

I want to mock a missing endpoint for my project. I set it up so every request that is sent, has an Authorization header. But because of that same header, my browser said that it's having a CORS error.

Access to XMLHttpRequest at 'http://localhost:3000/tasks' from origin 'http://localhost:5173' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.

I looked it up and apparently that's because the default options for allowedHeaders in tinyhttp/cors only allows content-type. image

Can we have that so the default allowedHeaders is set to * ? I haven't tested it but I can try and make the PR if you want.

Thank you!

ericc-ch avatar May 20 '24 03:05 ericc-ch