CORS errors with App Platform; Access-Control-Allow-Credentials
Today, I was beginning the setup of a new service. After finally getting ready to start working on the authentication flows, I was greeted with Chrome spitting out Access-Control-Allow-Credentials errors. My CORS configuration is correct, however, I can’t seem to find a way to allow this through DigitalOceans app platform. The way our app is structured, we use a subdomain to handle all API requests and fetch data from it.
Has anyone heard anything about this, or know how to fix this issue? As far as I can tell, DigitalOcean has nothing for it, and manually setting this in my application code does not work either. Any help would be seriously appreciated.
It looks like I’m not the only one having this problem, and this is causing me major frustrations as it opens us to security problems having to store session tokens on the clients localStorage [which I refuse to do]
https://ideas.digitalocean.com/ideas/APPX-I-94 It seems they’ve ignored the idea of doing this as well.