HTTP Response Node CORS Header Problem

lewi0231 · 8 October 2022 10:31

I'm currently using the HTTP-in node which is set to accept a POST request which is working fine. However I am then trying to use the HTTP-response node to send back data.

The problem I'm facing is that even though I have added Access-Control-Allow-Origin: * header to the response my browser is still stating that "CORS header ‘Access-Control-Allow-Origin’ missing".

What am I missing?

Node-red flow:

[{"id":"4f207f6e0c1f8f73","type":"tab","label":"Flow 1","disabled":false,"info":"","env":[]},{"id":"0c75203ff1c6e073","type":"http in","z":"4f207f6e0c1f8f73","name":"/sentiment POST","url":"/sentiment","method":"post","upload":false,"swaggerDoc":"","x":180,"y":260,"wires":[["ed969497ee72ebbe"]]},{"id":"ed969497ee72ebbe","type":"sentiment","z":"4f207f6e0c1f8f73","name":"sentiment analysis","property":"payload.body","x":393,"y":117,"wires":[["c1fefb75bbc7d877"]],"l":false},{"id":"c1fefb75bbc7d877","type":"function","z":"4f207f6e0c1f8f73","name":"","func":"msg.payload = {\n    email : msg.payload.email,\n    sentiment : msg.sentiment.score\n}\nreturn msg;","outputs":1,"noerr":0,"initialize":"","finalize":"","libs":[],"x":514,"y":238,"wires":[["dabe0ecc0e05408c"]],"l":false},{"id":"dabe0ecc0e05408c","type":"http response","z":"4f207f6e0c1f8f73","name":"","statusCode":"","headers":{"Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"POST"},"x":684,"y":323,"wires":[],"l":false}]

Steve-Mcl · 8 October 2022 10:48

can you share a demo flow that demonstrates your issue?

Also, do you access the http endpoint directly (as in: the URL you enter in the browser is the node-red endpoint) OR are you accessing content from node-red endpoint via a HTML tag inside a page served from some other webserver?

lewi0231 · 8 October 2022 22:36

The former. Just some more information for you: I'm trying to create a Thunderbird (email client) add-on - so I'm attempting to access the endpoint URL from within email client. I should note that my HTTPS endpoint is located on the cloud - that is, my node-red editor is deployed on the cloud.

Steve-Mcl · 9 October 2022 08:42

Then it may be your cloud provider inhibiting the access.

However, you could try setting cors in the settings.js to minimum level then tweak it to secure it up as best as possible based on your apps requirements,

    // The following property can be used to configure cross-origin resource sharing
    // in the HTTP nodes.
    // See https://github.com/troygoode/node-cors#configuration-options for
    // details on its contents. The following is a basic permissive set of options:
    httpStaticCors: {
        origin: "*",
        methods: "GET,PUT,POST,DELETE,PATCH,OPTIONS,HEAD"
     },

system · 23 October 2022 08:43

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cors policy error inside template node but not in http request node General	3	222	23 August 2022
HTTP Request No Reply General	23	3586	27 November 2019
Struggling with sending HTTP requests to the "http in" node General	10	874	18 October 2021
httpNodeCors setting issue General	1	367	4 October 2020
HTTP post_ node General	10	94	19 January 2024

HTTP Response Node CORS Header Problem

Related Topics