App Platform: Could there be a "allow_headers" option for CORS?

Posted November 3, 2020 1.1k views
Configuration ManagementCI/CDDigitalOcean App Platform

Hey there.

I am getting the CORS error: “Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.”

This is due to not being able to set “allow_headers” in the App Specification file. (This key does not yet exist.)

Is there any way to do something about this?

Stay healthy!

Related questions:

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers

I just opened an idea on their ideas page:

If you need these two options, please upvote the idea! Thank you! :)

I’m having the same issue. I want to allow certain headers in my requests. Any idea on how to solve it?

I am building an embedded app into another website. I would like to set “Access-Control-Allow-Origin” to “” and “Content-Security-Policy” to “frame-ancestors”

Is it possible to do so?

You can actually do it by download the yaml file and adding it manually.

- cors:
    - '*'
    - GET
    - POST
    - PUT
    - PATCH
    - DELETE
    - prefix: http://localhost:3001