drizzle-orm: [BUG]: Drizzle Studio CORS error

What version of `drizzle-orm` are you using?

0.29.3

What version of `drizzle-kit` are you using?

0.20.13

Describe the Bug

Unable to use drizzle-studio due to CORS error.

Visit https://local.drizzle.studio/
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:4983/. (Reason: CORS request did not succeed). Status code: (null).

Expected behavior

No response

Environment & setup

No response

About this issue

Original URL
State: open
Created 5 months ago
Reactions: 1
Comments: 18 (2 by maintainers)

Most upvoted comments

I was struck by this issue today, using Arc as a browser.

Error was related to missing Access-Control-Allow-Private-Network cors header.

https://wicg.github.io/private-network-access/#headers

Fixed this locally by patching drizzle-studio’s server.js to include Access-Control-Allow-Private-Network: true header. Dunno if that’s the correct way to solve this, but it worked 😅

Kurre on Feb 7, 2024

Installing mkcert resolved the issue for both chrome and firefox but not chromium. Seems that this step is mandatory for all browsers? Not only Safari and Brave?

bitbytebit1 on Feb 5, 2024

FWIW, I’m using this patch with PNPM to circumvent this problem:

diff --git a/server.js b/server.js
index a294e5c2b4c31feded80d27b51d9fe971f686efe..8a9c5e89bdad05180e32027e047f2ccbfe0ee78b 100644
--- a/server.js
+++ b/server.js
@@ -6540,6 +6540,7 @@ var cors = (options) => {
     function set(key, value) {
       c.res.headers.set(key, value);
     }
+    set("Access-Control-Allow-Private-Network", "true");
     const allowOrigin = findAllowOrigin(c.req.header("origin") || "");
     if (allowOrigin) {
       set("Access-Control-Allow-Origin", allowOrigin);

Kurre on Feb 8, 2024