I'm running my frontend application (nextJS) at https://editor.website.com and my backend application (expressJS) at https://api.editor.website.com - both as docker container. I'm trying to upload some image files using graphQL and mostly it works, but sometimes it fails with these two errors:
POST https://api.editor.website.com/graphql 413
Access to fetch at 'https://api.editor.website.com/graphql' from origin 'https://editor.website.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I tried to set universal cors to prevent this problem, but this doesn't work. So what am I missing?
Server
import express from 'express'
import cors from 'cors'
const app = express()
app.options('*', cors())
// app.use(cors())
server.applyMiddleware({ app, path: '/graphql' })