Netlify CORS policy problem

Website: https://upticket-mclbdn.netlify.app/

Hi everyone,

I’ve been running the above website as my personal project for more or less one month.

Anyway, today, without any changes in the code, I started receiving this error during login/logout:

Access to fetch at ‘https://upticket-server.herokuapp.com/api/login’ from origin ‘https://upticket-mclbdn.netlify.app’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

I didn’t change any client code(here, Netlify), nor server code(Heroku).

Would anyone, please, be so nice to explain me what is happening? Or did Netlify change any policies?

Thank you!

Hey @mclbdn

I can’t explain this supposed change however it is standard behaviour to see rejections such as this when the browser is communicating to the server via fetch.

Do you have an Access-Control-Allow-Origin header set on Heroku? e.g.

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE
Access-Control-Allow-Origin: https://upticket-mclbdn.netlify.app
1 Like