fiber: 🤗 [Question]: CORS problems

Question Description

Hello, I’m getting Access to XMLHttRequest at ‘http://localhost:8080/api/v1/auth/login’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Im using Fiber v2.42.0

However, I’m not getting this cors error when I switch to Echo framework. I see this is common in fiber but there isnt a clear answer to this cors issue in fiber and i tried using multiple cors configuration including the default in fiber made by others said to be working but it didnt for me. With Echo it hasnt been a problem at all:

	e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
		AllowOrigins:     []string{"http://localhost:3000"},
		AllowHeaders:     []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept},
		AllowMethods:     []string{http.MethodGet, http.MethodPut, http.MethodPost, http.MethodDelete, http.MethodOptions, http.MethodPatch},
		AllowCredentials: true,
	}))

I really appreciate the help. I don’t want to switch to Echo simply because of a cors issue in fiber. I like fiber very much. Thanks.

Code Snippet (optional)

app.Use(cors.New(cors.Config{
		AllowOrigins:     "http://localhost:3000",
		AllowHeaders:     "Accept, Origin, Content-Type",
		AllowMethods:     "GET,POST,HEAD,PUT,DELETE,PATCH,OPTIONS",
		AllowCredentials: true,
	}))

Checklist:

  • I agree to follow Fiber’s Code of Conduct.
  • I have checked for existing issues that describe my questions prior to opening this one.
  • I understand that improperly formatted questions may be closed without explanation.

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 15 (8 by maintainers)

Most upvoted comments

@ReneWerner87 Thank you Rene. It was fully my fault caused by my silly mistake. When testing out two fiber instances I forgot to remove it the second one. I used the first instance(app := fiber.New()) while used the second instance(appp := fiber.New()) run the server. This was before implementing a frontend and when I tested out the login with Insomnia & Postman everything worked fine so I guess I didn’t remove the second instance, I left it as is… I didn’t think it would be a problem… I didn’t know that tools like Postman didn’t enforce the CORS policy unlike browsers, I just found that out now. When I implemented the frontend login and that’s when I started getting CORS error.

+1
basixnetflix on Apr 13, 2023
Read more comments on GitHub
← fiber: 🤗 [Question]: 403 forbidden on POST CSRF request
fiber: 🤗 [Question]: Timeout is not work in Fiber v2.42.0 →