I have a frontend and express js server hosted on aws lightsail that uses ubuntu with nginx.

The server is set as a reversed proxy. Here is the config

location /api/ { 
proxy_pass http://localhost:4000/api/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}

I'm trying to make a post request (login) from client to express but I get this

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource 
at http://localhost:4000/api/users/login. (Reason: CORS request did not succeed). Status 
code: (null).

but I have enabled cors on my server in multiple ways but with no success

const cors = require('cors');
const app = express();

const corsOption = {origin: "http://18.193.59.75:80"};

app.options("/*", function(req, res, next){ 
  res.header('Access-Control-Allow-Origin', '*'); 
  res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
  res.header('Access-Control-Allow-Headers', 
  'Content-Type, Authorization, Content-Length, X-Requested-With');
  res.send(200);});

//app.use(cors(corsOptions));
//app.options('*', cors(corsOptions));

CodePudding user response：

Add the next() handler as given below and see if resolves your issue.

const cors = require('cors');
const app = express();

// const corsOption = {origin: "http://18.193.59.75:80"};

var corsOptions = function(req, res, next){ 
    res.header('Access-Control-Allow-Origin', '*'); 
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
    res.header('Access-Control-Allow-Headers', 
    'Content-Type, Authorization, Content-Length, X-Requested-With');
     next();
}

app.use(corsOptions);