2

I am using NGINX and I am receiving that error in the browser's console.

I am so frustrated.

According to my boss, I need to set up cors which what I did and still I am getting the same error.

This is the full error

OPTIONS https://backend.just4bettors.mobi/auth/login XMLHttpRequest cannot load https://backend.just4bettors.mobi/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.just4bettors.mobi' is therefore not allowed access. The response had HTTP status code 400.

Here is the config

map $http_origin $cors_header {
    default "";
    "~^https?://[^/]+\.just4bettors\.mobi(:[0-9]+)?$" "$http_origin";

}

server {
    large_client_header_buffers 1 1K;

    listen 80;
    listen 443 ssl;

    server_name  www.just4bettors.mobi  just4bettors.mobi;
    root   /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;

    ssl_certificate      /etc/ssl/certs/just4bettors.mobi.chained.crt;
    ssl_certificate_key  /etc/ssl/private/just4bettors.mobi.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    location / {
        add_header Access-Control-Allow-Origin $cors_header;
    ...
    }
}



server {
    listen 80;
    listen 443 ssl;

    server_name  backend.just4bettors.mobi  www.backend.just4bettors.mobi;

    ssl_certificate      /etc/ssl/certs/just4bettors.mobi.chained.crt;
    ssl_certificate_key  /etc/ssl/private/just4bettors.mobi.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    location / {
       add_header Access-Control-Allow-Origin $cors_header;
    }
}

I have the domain and the subdomain, it is like something named cross-domain.

Where do I have the error here ? I mean, I have everything set up and still asking me for the Access-Control-Allow-Origin, why ?

ps: I want to cry.

Reacting
  • 223
  • 1
  • 3
  • 8

0 Answers0