• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue CORS: "Only One Origin Allowed"-Error - where does second origin * come from?

I

it78croix

New Pleskian
Server operating system version
Ubuntu 22.04.2 LTS
Plesk version and microupdate number
Plesk Obsidian Web Host Edition 18.0.53 Update #2
Having a Backend NodeJS-App on api.XXX.com and a Frontend React-App on XXX.com.

On the BackendNodeJS-App and in Plesk - Domains - the Apache & nginx Settings my 'Access-Control-Allow-Origin"-Header is set to the frontend url.

But, I get the message of

Access to XMLHttpRequest at [api] from origin [Frontend] has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, [...], but only one is allowed.
Click to expand...

I can't find where the 'Access-Control-Allow-Origin'-Header could be set to the asterisk ('*'). Any ideas?
 
You must log in or register to reply here.

Similar threads

Y
Question Issue Implementing Dynamic CORS Headers in Plesk’s Additional NGINX Directives
Replies
1
Views
302
yfain
Y
s-light
Question NINGX CORS for multiple sub.domains
Replies
1
Views
740
s-light
s-light
K
Issue Plesk NodeJS Server: CORS error upon every request
Replies
4
Views
3K
keithchasen
K
M
Issue plesk cors policy, either no header or multiple headers
Replies
2
Views
2K
Peter Debik
P
E
Issue Again problem with CORS (cross-origin resource sharing)
Replies
4
Views
3K
IgorG
IgorG
Back
Top