How to enable CORS in Node.js

Today we’ll show you how to enable CORS in Node.js. Most of the beginners are facing the CORS issue while they are working with API creation and access it through some other application.

Enabling CORS in Node.js, Express cors middleware – Express.js, ExpressJS – enable cross-origin resource sharing, Handling CORS in Express, node js cors allow all, express allow cors localhost, express cors access-control-allow-origin, enable cors node http server, express cors not working, express.static cors, node js fetch cors, node js bypass cors.

CORS Error

Access to fetch at ‘<BACK_END_URL>’ from origin ‘<FRONT_END_URL>’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

When does the error occur?

CORS error will occur while you are sharing the resources between cross-origin. In other words, when you are working with API and sharing the data with different origins then Cross-origin resource sharing (CORS) error will occur.

Replicate CORS error

I would recommend you to check the article: Create REST API in Node.js. Here we are slightly updating the code to handle the JSON response. For that we will use body-parser npm package.

After implementing the package, your code should look like below.

server.js

Now try to access this get API through other application like React, Angular, etc and check the console where you will see the CORS error.

Note: Above API code will work with Postman but it will not work with other front end applications.

So let’s see how to fix it.

Different ways to enable CORS

  1. Enable CORS without external module
  2. Enable CORS using npm package

1. Enable CORS without external module

To enable CORS without an external module or npm package, we have to simply write a few lines of the code in a server file.

Here we allowed all the origin to access this app by passing * in Access-Control-Allow-Origin. You can pass a single domain to share resources with a given domain only.

Note: Do not set / at the end of the URL. like http://yourdomain.com/. This will not work.

Let’s combine all code together and see how it looks.

server.js

2. Enable CORS using npm package

This is another way to enable CORS using the npm package. We’ll use cors npm package to do it. Run the following command to install the package.

After successful installation, we have to add it in server.js file and enable the CORS.

So at last your server.js file should look like below.

server.js

You can also enable CORS on an individual request. Check the following code.

Note: To allow cors on an individual request, no need to set app.use(cors()) in the server.js file.

That’s it. CORS is now enabled.

Thank you for reading. Happy Coding!

Demo & Source Code

Github Repository

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *