The documentation advises that CORS is enabled by default. But with the default CORS configuration, I am still getting CORS issues. Checking the response headers, no CORS headers are attached.
Access to XMLHttpRequest at 'http://localhost:8081/sessions' from origin 'http://local.example.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
// src/index.ts
if (require.main === module) {
// Run the application
const config: ApplicationConfig = {
rest: {
port: +(process.env.PORT ?? 8081),
host: process.env.HOST,
// The `gracePeriodForClose` provides a graceful close for http/https
// servers with keep-alive clients. The default value is `Infinity`
// (don't force-close). If you want to immediately destroy all sockets
// upon stop, set its value to `0`.
// See https://www.npmjs.com/package/stoppable
gracePeriodForClose: 5000, // 5 seconds
openApiSpec: {
// useful when used with OpenAPI-to-GraphQL to locate your application
setServersFromRequest: true,
},
cors: {
origin: '*',
methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
preflightContinue: false,
optionsSuccessStatus: 204,
credentials: true,
},
},
}
main(config).catch((err) => {
console.error('Cannot start the application.', err)
process.exit(1)
})
}