• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Issue CORS: "Only One Origin Allowed"-Error - where does second origin * come from?

I

it78croix

New Pleskian
Server operating system version
Ubuntu 22.04.2 LTS
Plesk version and microupdate number
Plesk Obsidian Web Host Edition 18.0.53 Update #2
Having a Backend NodeJS-App on api.XXX.com and a Frontend React-App on XXX.com.

On the BackendNodeJS-App and in Plesk - Domains - the Apache & nginx Settings my 'Access-Control-Allow-Origin"-Header is set to the frontend url.

But, I get the message of

Access to XMLHttpRequest at [api] from origin [Frontend] has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, [...], but only one is allowed.
Click to expand...

I can't find where the 'Access-Control-Allow-Origin'-Header could be set to the asterisk ('*'). Any ideas?
 
You must log in or register to reply here.

Similar threads

Y
Question Issue Implementing Dynamic CORS Headers in Plesk’s Additional NGINX Directives
Replies
1
Views
3K
yfain
Y
s-light
Question NINGX CORS for multiple sub.domains
Replies
1
Views
3K
s-light
s-light
K
Issue Plesk NodeJS Server: CORS error upon every request
Replies
4
Views
4K
keithchasen
K
P
Resolved Angular App and express.js on temp domain
Replies
2
Views
2K
_phil
P
M
Issue plesk cors policy, either no header or multiple headers
Replies
2
Views
4K
Peter Debik
P
Back
Top