No 'Access-Control-Allow-Origin' header is present on the requested resource | CORS Error

I have a Node js, React application which works well on localhost. I recently took the code to a production environment using cPanel and now, I am getting CORS errors. These cors errors only appear in requests that are not GET requests. In other requests, its preflighted request passes with a 2** response, but the xhr request keeps on failing.

Below are a list of things I have done

Used the cors package as below


const login_router = require("./routes/loginRouter");

const app = express();

const cors = require("cors");

// I have made the request with and without app.options
app.options("*", cors())

// allowedDomains = [Array of allowed sites] 
// My website is listed in the array as "https://..."
app.use(cors({ origin: allowedDomains, credentials: true }));


app.use("/api/user/login", login_router);

I ended up with Access to XMLHttpRequest at ____ from origin ____ has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource

Added a CORS snippet in the Nodejs .htaccess file (in case it has anything to do with apache)

Header set Access-Control-Allow-Origin "https://..."
Header set Access-Control-Allow-Methods "GET,PUT,POST,DELETE"
Header set Access-Control-Allow-Headers "Content-Type, Authorization"

It gave Access to XMLHttpRequest at ____ from origin ____ has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, https://...', but only one is allowed.

I also tried setting the response headers manually and still, I got the same set of errors as the first trial.

Any help will be appreciated, Thanks!

Solution

Apparently, my configuration was alright. My hosting providers have some kind of generic rules that unsets the Access-Control-Allow-Origin of the response header. All I had to do was turn off that rule and it worked.