https://kotlinlang.org logo
Title
j

Júlio Santos

09/24/2020, 2:02 PM
I'm passing the Google rechapta token in the Header, and CORS is giving an error. has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. What do I need to enable in CORS?
a

asad.awadia

09/24/2020, 2:08 PM
your backend API needs to enable cors for your domain - this could mean allowing cors for localhost/domain in your backend - or adding some whitelist in the google console probably
j

Júlio Santos

09/24/2020, 2:09 PM
Got it, CORS is configured this way.
install(CORS) {
        method(HttpMethod.Options)
        method(<http://HttpMethod.Post|HttpMethod.Post>)
        method(HttpMethod.Get)
        method(HttpMethod.Put)
        method(HttpMethod.Delete)
        method(HttpMethod.Head)
        header(HttpHeaders.AccessControlAllowHeaders)
        header(HttpHeaders.ContentType)
        header(HttpHeaders.AccessControlAllowOrigin)
        header(HttpHeaders.AccessControlAllowMethods)
        header(HttpHeaders.Authorization)
        allowCredentials = true
        allowNonSimpleContentTypes = true
        anyHost()
    }
I have already enabled it, do you think I need to configure something else?
a

asad.awadia

09/24/2020, 2:11 PM
you need to whitelist the headers you want to use `
header("g-recaptcha")
` https://stackoverflow.com/questions/54327270/access-control-allow-origin-issue-in-ktor-cors-header
but the other stuff looks fine
j

Júlio Santos

09/24/2020, 2:13 PM
Got it, I should have been paying more attention to it, I'm going to test it here! Thank you so