I’ve been banging my head against cors issues most of this evening after switching from JWT to cookies – I’ve fixed them now, but I was hoping to run my headers by someone here just to confirm that I haven’t fixed the issue by doing something stupid
My frontend is served from
localhost:8081, my backend
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:8081'); res.setHeader('Access-Control-Allow-Credentials', 'true'); res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE'); res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
And I set a cookie in the login route using
I’m using an axios instance on the frontend, with the flag
Sorry if this seems basic, but I’ve felt a bit like I’ve had information overload and my brain is fried! Is there anything else I should be considering?