No 'Access-Control-Allow-Origin' header only for some clients

Question

No 'Access-Control-Allow-Origin' header only for some clients

sta2m opened this issue 3 years ago · 5 comments

Hi,

I have develop an application with Symfony & API Platform. Delivered in production in november 2021. All is ok.
Since somes days, my clients cannot login. After some investigation, I found this error :

"Access to fetch at 'https://api.****-****-******.com/login_check?' from origin 'https://www.****-****-******.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."

I don't reproduce the problem. All is ok on my PC. Tested with my computer on Linux / Windows on Chrome / Chromium / Opera and on my smartphone with Android. No problem.

For my clients, which test on multiple computer, with Chrome and Opera on Windows the error is always here. Seems to be ok on Android.

default config :

nelmio_cors:
defaults:
origin_regex: true
allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
allow_headers: ['Content-Type', 'Authorization']
expose_headers: ['Link']
max_age: 3600
paths:
'^/': null

with :

CORS_ALLOW_ORIGIN='^https?://(www.****-****-********.com|****-****-********.com)(:[0-9]+)?$'

I tried this :

nelmio_cors:
defaults:
origin_regex: false
allow_origin: ['']
allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
allow_headers: ['']
expose_headers: ['*']
max_age: 3600
paths:
'^/': null

And same problem.

The front end is in React with Nextjs.

Any idea why this bug on some clients but not on my PC ?
Maybe some cache on client ?
An error in my config ?

Thanks for any help, It's hot for me ;)

Answer 1 · 2022-01-27T17:15:34.000Z

Have you try it in incognito/private mode? Will it work?

Answer 2 · 2022-01-28T08:45:31.000Z

Yes, same problem...

Answer 3 · 2022-02-14T14:30:42.000Z

Same problem. Working on my wifi network but doesn't work on other wirelesses...

Answer 4 · 2022-02-21T05:38:12.000Z

The same thing happens to me, sometimes the same requests happen and other times this error pops up

Answer 5 · 2023-02-15T13:01:51.000Z

Sorry but if you can't find the actual issue or a reliable way to reproduce I cannot do anything here.