Hello guys i have a small project but i need help :) i dont say why my cookies is not send when i use method delete, put... But when i send request with post or get is okay...
Front end
export const deleteAccount = async (idAccount) => {
try {
const response = await axios.delete(
`${process.env.REACT_APP_ENV}/subaccount/${idAccount}`,
{
withCredentials: true,
}
)
return response.data
} catch (error) {
console.error("Error deleting account:", error)
throw error
}
}
Back end
var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
require('dotenv').config();
var authRouter = require('./routes/private/auth');
var publicOfferRouter = require('./routes/public/offer');
var privateOfferRouter = require('./routes/private/offer');
var privateSubAccountRouter = require('./routes/private/subAccount');
var privateUserRouter = require('./routes/private/user');
var privateCtaRouter = require('./routes/private/cta');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
// Add headers before the routes are defined
app.use(function (req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', process.env.DOMAIN);
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', 'true');
// Pass to next layer of middleware
next();
});
and the message error:
dashboard:1 Access to XMLHttpRequest at 'http://localhost:3001/subaccount/56' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok