Loopback-next: 404 OPTION - Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Created on 16 May 2020 · 5Comments · Source: strongloop/loopback-next

Loopback is always sending 404 responses to preflight requests (I'm sending application-json content type requests). It seems loopback is not sending the cors response header.

404 OPTION - Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Steps to reproduce

Use this configuration for the loopback 4 application:

export async function main(options: ApplicationConfig = {}) {
  const app = new BackendApplication({
    shutdown: {
      signals: ['SIGTERM', 'SIGINT', 'SIGUSR2'],
      gracePeriod: 5000,
    },
    rest: {
      port: 3011,
      expressSettings: {
          'x-powered-by': false,
      },
      cors: {
        origin: '*',
        methods: 'GET,POST,PATCH,DELETE,PUT,OPTIONS',
        preflightContinue: true,
        optionsSuccessStatus: 204,
        maxAge: 86400,
        credentials: true
      },
    },
  });

bug

Source

foxMclion

Most helpful comment

@tipuban Thanks for the pointer. I'm closing this one as duplicate of #5368.

raymondfeng on 16 May 2020

👍2

All 5 comments

@foxMclion You need to update your sequence.ts (or use DefaultSequence) if it was generated by an older cli. Please refer to https://github.com/strongloop/loopback-next/issues/5368#issuecomment-626233755

tipuban on 16 May 2020

👍1

@tipuban Thanks for the pointer. I'm closing this one as duplicate of #5368.

raymondfeng on 16 May 2020

👍2

Thanks, I modified the sequence but now I'm getting a 422 unprocessable entity for my POST. Now the OPTIONS return 200 as per the config. I'm not sure if the 422 is CORS related.

foxMclion on 16 May 2020

solved thanks, the 422 is the openapi validation.

foxMclion on 16 May 2020

i used the same cors settings but it's not working in loopback 3