I am using express js in my backend file where i have set the cors policy. But after deploy the backed file in vercel i am unable to Get data in my client side. It gives a cors error the errors are
Access to XMLHttpRequest at 'https://richter-restaurant-server-alzami12-al-zamis-projects.vercel.app/reviews' from origin 'http://localhost:5173' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I am also having an error
Access to XMLHttpRequest at 'https://richter-restaurant-server-alzami12-al-zamis-projects.vercel.app/jwt' from origin 'http://localhost:5173' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
this is the code
app.use(cors({
origin: 'http://localhost:5173'
}));
these are the dependencies of my projects
"dependencies": {
"@stripe/agent-toolkit": "^0.2.0",
"cors": "^2.8.5",
"dotenv": "^16.4.7",
"express": "^4.21.2",
"firebase-admin": "^13.0.1",
"form-data": "^4.0.1",
"jsonwebtoken": "^9.0.2",
"mailgun.js": "^10.2.4",
"mongodb": "^6.12.0",
"nodemailer": "^6.9.16",
"stripe": "^17.5.0",
"uuid": "^11.0.3"
}
I have comment out all the console.log and client.connect in the server code. I am saving the jwt token in the localstorage
This is the image of the error
i tried given credentials: true in backend and withCredentials true in frontend but it did not work
The URL you provided leads to a login-locked vercel deployment environment. I believe that, instead of ending up on your backend service, your localhost
website only stumbles upon the vercel login page, which obviously doesn't allow CrossOrigins.
Deployment Protection safeguards both your preview and production URLs across various environments. Configured at the project level through your settings, Deployment Protection provides detailed access control for different deployment types.
Vercel offers the following Deployment Protection features:
- Vercel Authentication: Restricts access to your deployments to only Vercel users with suitable access rights. Vercel Authentication is available on all plans
- Password Protection: Restricts access to your deployments to only users with the correct password. Password Protection is available on the Enterprise plan, or as a paid add-on for Pro plans
- Trusted IPs: Restricts access to your deployments to only users with the correct IP address. Trusted IPs is available on the Enterprise plan
Source: Vercel's Deployment protection
You will need to disable that protection, or find a way to bypass or authenticate your local environment to the vercel deployment preview, before you can access it. Vercel wrote a page on it, you can have a read here.