Open CORS ERROR header "Access-Control-Allow-Origin" contains several values

Question

Open CORS ERROR header "Access-Control-Allow-Origin" contains several values

There are recurring questions related to CORS. But none of the solutions worked for me. I am running my application on OpenShift Cloud. I installed the Kors NPM package as an intermediate layer. This is mistake.

The header "Access-Control-Allow-Origin" contains several values of " http://evil.com/ , *", but only one is allowed. The origin of " http://my-app-name.rhcloud.com " is therefore not allowed.

Server side code

var app = express();
var server = require('http').Server(app);
var io = require('socket.io').listen(server);
var cors = require('cors');
app.use(cors());

//rest of the code

var server_port = process.env.OPENSHIFT_NODEJS_PORT || 8080;
var server_ip_address = process.env.OPENSHIFT_NODEJS_IP || '127.0.0.1';
server.listen(server_port, server_ip_address);

Client Side Code

var socket = io.connect('http://my-app-name.rhcloud.com:8000/',{
    'forceNew':true
});

I am using angularjs and Express Framework.

+9

node.js cors socket.io openshift

user3673959 13 '16 11:08

4

CORS.

+2

Dmitry Grinko 17 . '18 18:43

jomaora · Answer 1 · 2016-10-24T14:15:13+0000

/ cors ? , . , http://evil.com .

Kamil Sobczyk · Answer 2 · 2019-03-16T12:06:37+0000

I spent about 50 hours on this stupid problem with evil.com and finally I have a solution. The author of the CORS chrome extension did this in purple to draw our attention to the dangers of corso. Just remove this garbage and everything will work fine. Heck!

edemone · Answer 3 · 2019-05-06T11:13:07+0000

This problem is usually caused by the CORS plugin in Chrome. Disabling the plugin should solve the problem for you.

Open CORS ERROR header "Access-Control-Allow-Origin" contains several values

More articles: