cross-origin request blocked the same origin policy disallows reading the remote resource fix in node js node js

1. Install the 'cors' npm package:

npm install cors

1. Import 'cors' in your Node.js file:

const cors = require('cors');

1. Use 'cors' middleware in your Express application:

const express = require('express');
const app = express();

app.use(cors());

1. Configure specific origins (optional):

const corsOptions = {
  origin: 'http://your-allowed-origin.com',
  optionsSuccessStatus: 200 // some legacy browsers (IE11, various SmartTVs) choke on 204
};

app.use(cors(corsOptions));

1. Handle CORS preflight requests:

app.options('*', cors());

1. Enable credentials for cross-origin requests (optional):

const corsOptions = {
  origin: 'http://your-allowed-origin.com',
  optionsSuccessStatus: 200,
  credentials: true,
};

app.use(cors(corsOptions));

1. Adjust response headers for handling credentials:

const corsOptions = {
  origin: 'http://your-allowed-origin.com',
  optionsSuccessStatus: 200,
  credentials: true,
};

app.use(cors(corsOptions));

app.use((req, res, next) => {
  res.header('Access-Control-Allow-Credentials', true);
  res.header('Access-Control-Allow-Origin', 'http://your-allowed-origin.com');
  res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
  res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');

  if (req.method === 'OPTIONS') {
    res.sendStatus(200);
  } else {
    next();
  }
});