Express CORS Works On Others Endpoints But One












0















I have a simple Express project as my API endpoint using cors as middleware.



The cors works on any others endpoint but one. Here is my code snapshot:



const express = require('express');

var cors = require('cors');

const app = express();



app.use(cors());



app.get('/shuttles',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})



app.get('/deposit',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})


The CORS in /deposit is working but not with /shuttles.



NB: Nevermind the tokenPassport require. It is for authorization.



EDIT



Here is the snapshot of network tab in chrome devtool. It's only send OPTIONS request and that is the response header. No Access-Control-Allow-Origin header in the response.



snapshot






node.js express cors







share|improve this question

























  • Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

    – sideshowbarker
    Nov 27 '18 at 3:40


















0















I have a simple Express project as my API endpoint using cors as middleware.



The cors works on any others endpoint but one. Here is my code snapshot:



const express = require('express');

var cors = require('cors');

const app = express();



app.use(cors());



app.get('/shuttles',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})



app.get('/deposit',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})


The CORS in /deposit is working but not with /shuttles.



NB: Nevermind the tokenPassport require. It is for authorization.



EDIT



Here is the snapshot of network tab in chrome devtool. It's only send OPTIONS request and that is the response header. No Access-Control-Allow-Origin header in the response.



snapshot






node.js express cors







share|improve this question

























  • Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

    – sideshowbarker
    Nov 27 '18 at 3:40
















0












0








0








I have a simple Express project as my API endpoint using cors as middleware.



The cors works on any others endpoint but one. Here is my code snapshot:



const express = require('express');

var cors = require('cors');

const app = express();



app.use(cors());



app.get('/shuttles',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})



app.get('/deposit',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})


The CORS in /deposit is working but not with /shuttles.



NB: Nevermind the tokenPassport require. It is for authorization.



EDIT



Here is the snapshot of network tab in chrome devtool. It's only send OPTIONS request and that is the response header. No Access-Control-Allow-Origin header in the response.



snapshot






node.js express cors







share|improve this question
















I have a simple Express project as my API endpoint using cors as middleware.



The cors works on any others endpoint but one. Here is my code snapshot:



const express = require('express');

var cors = require('cors');

const app = express();



app.use(cors());



app.get('/shuttles',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})



app.get('/deposit',

    tokenPassport.authenticate('bearer', { session: false }),

    (req, res) => {

        // ....

        // implementation goes here...

        // ....

})


The CORS in /deposit is working but not with /shuttles.



NB: Nevermind the tokenPassport require. It is for authorization.



EDIT



Here is the snapshot of network tab in chrome devtool. It's only send OPTIONS request and that is the response header. No Access-Control-Allow-Origin header in the response.



snapshot






node.js express cors




node.js express cors






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 27 '18 at 5:28







Kevin Christian

















asked Nov 26 '18 at 5:17









Kevin ChristianKevin Christian

366




366













  • Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

    – sideshowbarker
    Nov 27 '18 at 3:40





















  • Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

    – sideshowbarker
    Nov 27 '18 at 3:40



















Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

– sideshowbarker
Nov 27 '18 at 3:40







Use stackoverflow.com/posts/53475102/edit to edit/update your question and add the exact error message that your browser is logging in the devtools console when you make a request to the '/shuttles' endpoint. Also, add a code snippet showing the frontend JavaScript code you’re using to make the request.

– sideshowbarker
Nov 27 '18 at 3:40














3 Answers
3






active

oldest

votes


















2














you can create your own middleware, in your app.js or server.js file.



//CORS

app.use((req, res, next) => {

    res.setHeader('Access-Control-Allow-Origin', '*');

    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');

    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Accept,Authorization');

    res.setHeader('Access-Control-Allow-Credentials', true);

    next();

});


if you want to use the cros module



const corsOptions = {

    "origin": "*",

    "methods": "GET, HEAD, PUT, PATCH, POST, DELETE",

    // other options

}



app.use(cors(corsOptions));





share|improve this answer
























  • thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

    – Kevin Christian
    Nov 27 '18 at 5:25











  • I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

    – sanprodev
    Nov 27 '18 at 9:52











  • Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

    – Kevin Christian
    Nov 28 '18 at 5:13











  • I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

    – sanprodev
    Nov 28 '18 at 5:16



















1














Hi can you try adding this line in the express server
app.options('*', cors()); . also can you check whether from the client application when you are invoking the /shuttles end point are you adding 'access-control-origins' header to *






share|improve this answer
























  • thank you for your reply, but unfortunately it doesn't work on any endpoints :(

    – Kevin Christian
    Nov 27 '18 at 5:29



















0














After some meditation finding the solution in the universe, my Express application is hosted in Google App Engine and I realized that my dispatch.yaml contains



- url: "*/shuttles*"

  service: shuttle


It is the source of the problem.
Just rework the shuttle service and the routing then it solved :D



Thanks for all your comment, they all right.






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53475102%2fexpress-cors-works-on-others-endpoints-but-one%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    you can create your own middleware, in your app.js or server.js file.



    //CORS
    
app.use((req, res, next) => {
    
    res.setHeader('Access-Control-Allow-Origin', '*');
    
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Accept,Authorization');
    
    res.setHeader('Access-Control-Allow-Credentials', true);
    
    next();
    
});


    if you want to use the cros module



    const corsOptions = {
    
    "origin": "*",
    
    "methods": "GET, HEAD, PUT, PATCH, POST, DELETE",
    
    // other options
    
}
    

    
app.use(cors(corsOptions));





    share|improve this answer
























    • thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

      – Kevin Christian
      Nov 27 '18 at 5:25











    • I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

      – sanprodev
      Nov 27 '18 at 9:52











    • Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

      – Kevin Christian
      Nov 28 '18 at 5:13











    • I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

      – sanprodev
      Nov 28 '18 at 5:16
















    2














    you can create your own middleware, in your app.js or server.js file.



    //CORS
    
app.use((req, res, next) => {
    
    res.setHeader('Access-Control-Allow-Origin', '*');
    
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Accept,Authorization');
    
    res.setHeader('Access-Control-Allow-Credentials', true);
    
    next();
    
});


    if you want to use the cros module



    const corsOptions = {
    
    "origin": "*",
    
    "methods": "GET, HEAD, PUT, PATCH, POST, DELETE",
    
    // other options
    
}
    

    
app.use(cors(corsOptions));





    share|improve this answer
























    • thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

      – Kevin Christian
      Nov 27 '18 at 5:25











    • I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

      – sanprodev
      Nov 27 '18 at 9:52











    • Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

      – Kevin Christian
      Nov 28 '18 at 5:13











    • I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

      – sanprodev
      Nov 28 '18 at 5:16














    2












    2








    2







    you can create your own middleware, in your app.js or server.js file.



    //CORS
    
app.use((req, res, next) => {
    
    res.setHeader('Access-Control-Allow-Origin', '*');
    
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Accept,Authorization');
    
    res.setHeader('Access-Control-Allow-Credentials', true);
    
    next();
    
});


    if you want to use the cros module



    const corsOptions = {
    
    "origin": "*",
    
    "methods": "GET, HEAD, PUT, PATCH, POST, DELETE",
    
    // other options
    
}
    

    
app.use(cors(corsOptions));





    share|improve this answer













    you can create your own middleware, in your app.js or server.js file.



    //CORS
    
app.use((req, res, next) => {
    
    res.setHeader('Access-Control-Allow-Origin', '*');
    
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Accept,Authorization');
    
    res.setHeader('Access-Control-Allow-Credentials', true);
    
    next();
    
});


    if you want to use the cros module



    const corsOptions = {
    
    "origin": "*",
    
    "methods": "GET, HEAD, PUT, PATCH, POST, DELETE",
    
    // other options
    
}
    

    
app.use(cors(corsOptions));






    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 26 '18 at 6:07









    sanprodevsanprodev

    808




    808













    • thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

      – Kevin Christian
      Nov 27 '18 at 5:25











    • I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

      – sanprodev
      Nov 27 '18 at 9:52











    • Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

      – Kevin Christian
      Nov 28 '18 at 5:13











    • I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

      – sanprodev
      Nov 28 '18 at 5:16



















    • thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

      – Kevin Christian
      Nov 27 '18 at 5:25











    • I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

      – sanprodev
      Nov 27 '18 at 9:52











    • Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

      – Kevin Christian
      Nov 28 '18 at 5:13











    • I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

      – sanprodev
      Nov 28 '18 at 5:16

















    thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

    – Kevin Christian
    Nov 27 '18 at 5:25





    thank you for your suggestion but unfortunately it doesn't work :( the cors still doesn't work on shuttles endpoint but works on other endpoints.

    – Kevin Christian
    Nov 27 '18 at 5:25













    I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

    – sanprodev
    Nov 27 '18 at 9:52





    I'm not sure why it's not working for that particular route, can you try explicitly adding cors this route. something like this app.get('/shuttles', cors(corsOptions), other parameters.

    – sanprodev
    Nov 27 '18 at 9:52













    Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

    – Kevin Christian
    Nov 28 '18 at 5:13





    Have you see my edit on the question? I attach a snapshot of chrome devtool, any clue from that?

    – Kevin Christian
    Nov 28 '18 at 5:13













    I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

    – sanprodev
    Nov 28 '18 at 5:16





    I can only see that the header is not there, you will have to do some debugging on your end, have you tried explicit passing of cors.

    – sanprodev
    Nov 28 '18 at 5:16













    1














    Hi can you try adding this line in the express server
    app.options('*', cors());     . also can you check whether from the client application when you are invoking the /shuttles end point are you adding 'access-control-origins' header to *






    share|improve this answer
























    • thank you for your reply, but unfortunately it doesn't work on any endpoints :(

      – Kevin Christian
      Nov 27 '18 at 5:29
















    1














    Hi can you try adding this line in the express server
    app.options('*', cors());     . also can you check whether from the client application when you are invoking the /shuttles end point are you adding 'access-control-origins' header to *






    share|improve this answer
























    • thank you for your reply, but unfortunately it doesn't work on any endpoints :(

      – Kevin Christian
      Nov 27 '18 at 5:29














    1












    1








    1







    Hi can you try adding this line in the express server
    app.options('*', cors());     . also can you check whether from the client application when you are invoking the /shuttles end point are you adding 'access-control-origins' header to *






    share|improve this answer













    Hi can you try adding this line in the express server
    app.options('*', cors());     . also can you check whether from the client application when you are invoking the /shuttles end point are you adding 'access-control-origins' header to *







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 26 '18 at 5:25









    Vaibhav Kumar GoyalVaibhav Kumar Goyal

    664613




    664613













    • thank you for your reply, but unfortunately it doesn't work on any endpoints :(

      – Kevin Christian
      Nov 27 '18 at 5:29



















    • thank you for your reply, but unfortunately it doesn't work on any endpoints :(

      – Kevin Christian
      Nov 27 '18 at 5:29

















    thank you for your reply, but unfortunately it doesn't work on any endpoints :(

    – Kevin Christian
    Nov 27 '18 at 5:29





    thank you for your reply, but unfortunately it doesn't work on any endpoints :(

    – Kevin Christian
    Nov 27 '18 at 5:29











    0














    After some meditation finding the solution in the universe, my Express application is hosted in Google App Engine and I realized that my dispatch.yaml contains



    - url: "*/shuttles*"
    
  service: shuttle


    It is the source of the problem.
    Just rework the shuttle service and the routing then it solved :D



    Thanks for all your comment, they all right.






    share|improve this answer




























      0














      After some meditation finding the solution in the universe, my Express application is hosted in Google App Engine and I realized that my dispatch.yaml contains



      - url: "*/shuttles*"
      
  service: shuttle


      It is the source of the problem.
      Just rework the shuttle service and the routing then it solved :D



      Thanks for all your comment, they all right.






      share|improve this answer


























        0












        0








        0







        After some meditation finding the solution in the universe, my Express application is hosted in Google App Engine and I realized that my dispatch.yaml contains



        - url: "*/shuttles*"
        
  service: shuttle


        It is the source of the problem.
        Just rework the shuttle service and the routing then it solved :D



        Thanks for all your comment, they all right.






        share|improve this answer













        After some meditation finding the solution in the universe, my Express application is hosted in Google App Engine and I realized that my dispatch.yaml contains



        - url: "*/shuttles*"
        
  service: shuttle


        It is the source of the problem.
        Just rework the shuttle service and the routing then it solved :D



        Thanks for all your comment, they all right.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 4 '18 at 7:23









        Kevin ChristianKevin Christian

        366




        366






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53475102%2fexpress-cors-works-on-others-endpoints-but-one%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Create new schema in PostgreSQL using DBeaver

            Image
            0 At the beginning of my current job I had limited access to DB but recently my role is changed to superuser, admin, and owner. My colleague who was the previous DB admin is able to create a schema or change the permissions as there is a permission tab in the properties and he can change permissions by clicking easily. Would you please let me know how I can create schema and change permissions as well? Why his dbeaver looks different from me? He can easily right click on the schema folder on top of all schemas on the left side column and select create new schema while I do not have that, like the following picture I found on the internet. postgresql database-schema dbeaver share | improve this question
            Read more

            Deepest pit of an array with Javascript: test on Codility

            Image
            0 $begingroup$ This is the question from a Codility test, as a task in an interview: DeepestPit - problem description A non-empty zero-indexed array A consisting of N integers is given. A pit in this array is any triplet of integers (P, Q, R) such that: ·         0 ≤ P < Q < R < N; ·         sequence [A[P], A[P+1], ..., A[Q]] is strictly decreasing, i.e. A[P] > A[P+1] > ... > A[Q]; ·         sequence A[Q], A[Q+1], ..., A[R] is strictly increasing, i.e. A[Q] < A[Q+1] < ... < A[R]. The depth of a pit (P, Q, R) is the number min {A[P] − A[Q], A[R] − A[Q]}. For example, consider array A consisting of 10 elements such that: A[0] = 0 A[1] = 1 A[2] = 3 A[3] = -2 A[4] = 0 A[5] = 1 A[6] = 0 A[7] = -3 A[8] = 2 A[9] = 3 Triplet (2, 3, 4) is
            Read more

            Costa Masnaga

            Image
            .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m
            Read more