How Do I Intercept OPTIONS Preflight for CORS?
When a preflight request is made to OPTIONS, I see no way of intercepting that request. I want to be able to set my own headers for CORS purposes. For example, requests that have credentials can't use Xano's default Access-Control-Allow-Origin: *. If I can't set the Access-Control-Allow-Origin to a specific origin, then my request is denied by the browser.
This is not a problem for POST requests, because Xano allows you to set headers. However, OPTIONS is not available.
How can I do this in Xano?
Answers
-
HI, @nanoTitan. Can you provide some more detail for me on what's blocking you here and your specific use case, just to make sure I understand?
-
What is blocking me is the inability to respond to preflight requests for CORS. Most browsers send an OPTIONS request for preflight. However, we can't handle that type of request ourselves in Xano. In my case, I want to specify a response header value in the preflight for
Access-Control-Allow-Origin. -
Are you able to provide an example of the request being made that isn't working with the wildcard specified for Access-Control-Allow-Origin? It would be helpful if I could provide an example to the engineering team in this case. If this is sensitive information, feel free to reach out to us via support chat instead.
-
I just sent an email to support@xano.com. It has the full network request and responses. Please let me know if you need more.
Categories
- All Categories
- 53 ? Announcements
- 47 ? Releases
- 37 ? Welcome
- 983 ? Help! I'm a Noob
- 125 ? No-Code Front-Ends
- 633 ? Working with APIs
- 439 ? Transforming data
- 126 ? Connect Xano to ...
- 50 ?? Find an Expert
- 348 ❓Other questions
- 35 ? Security
- 22 ✂️ Snippets
- 19 ? Showcase
- 7 ?️ Xano Chatter
- 62 ? Video Tutorials
- 171 ? Request a feature
- 229 ? Report a Bug
- 19 ? Templates & Extensions
- 7 ? Feedback