Nginx, PM2, Node - No 'Access-Control-Allow- Origin' header

Question

I have developed NodeJS server ran with express. I use PM2 to manage the application and then nginx to proxy requests to the application.

My Express application has CORS, CSP etc set up. But, the server does not respond in production and fails with:

Failed to load https://api.surveyrewards.co.uk/join: No 'Access-Control-Allow- Origin' header is present on the requested resource. Origin 'https://surveyrewards.co.uk' is therefore not allowed access. The response had HTTP status code 504.

I'm thinking this is something to do with nginx and not allowing the correct headers through, but I can't work out what's going on.

Here is my nginx config:

location / {
    proxy_pass http://localhost:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

Should I pass any additional headers through the nginx proxy to get this to work?

The preflight responds fine:

I solved this by removing the CORS and CSP from the Express application to nginx. Much easier to manage and load balance too. But I will leave open as I'd still be interested in learning how to do it the original way. — BugHunterUK, Sep 14 '18 at 01:49

Nginx, PM2, Node - No 'Access-Control-Allow- Origin' header

0 Answers0