Configuring CORS whitelist
Manage Allowed Origins for your DataHub Apps to prevent CORS errors
Access-Control-Allow-Origin headers, Allowed Origins, could have one or many domain addresses that you may whitelist in DataHub to comply with the default DataHub CORS policy: you need to whitelist all domains that could be a part of a cross-origin request.
An example of a cross-origin request: the front-end JavaScript code served from
https://domain-a.com
uses XMLHttpRequest to make a request for https://domain-b.com/data.json
. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. CORS Errors are common when you’re working with APIs and it’s important to handle them effectively due to security reasons.
Access to fetch at 'https://solana--mainnet--rpc.datahub.figment.io/'
from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. If an opaque response serves your needs, set the request's
mode to 'no-cors' to fetch the resource with CORS disabled.
- 1.Navigate to your App settings.
- 2.In the Allowed Origins section, add a domain address, that includes protocol, hostname, and optionally port. Example:
http://localhost:9000
orwss://uniswap.org
. - 3.Click Save and save your changes to the Allowed Origins list. If you see errors upon saving you need to fix them first and click Save to revalidate and save.
- 1.Navigate to your App settings.
- 2.In the Allowed Origins section, delete a domain address.
- 3.Click Save and save your changes to the Allowed Origins list.
Last modified 1yr ago