DataHub Docs
DataHubLearnCommunity
  • ๐Ÿ‘‹Welcome to Figment Docs
  • ๐ŸšฉIntroduction
    • ๐Ÿš€Why Build on Web 3?
    • ๐Ÿ’ปWhat is DataHub?
  • ๐Ÿ“–DataHub Guides
    • ๐Ÿ“DataHub Products
      • Transaction Search API
      • Staking API
    • ๐ŸญDataHub Infrastructure
    • ๐ŸGet Started With DataHub
    • ๐ŸšจQuotas & Rate Limits
    • ๐Ÿ’กDashboard how-tos
      • Configuring CORS whitelist
  • ๐Ÿ“šNetwork Documentation
    • ๐Ÿ”ญNetwork Guide
    • ๐Ÿ…ฐ๏ธArbitrum
      • ๐ŸŽฎRPC & REST API
    • ๐Ÿ”๏ธAvalanche
      • ๐ŸŽฎRPC & REST API
        • Avalanche Indexer API
    • ๐Ÿ’ Binance Smart Chain
      • ๐ŸŽฎRPC & REST API
    • ๐Ÿ’ฐCelo
      • ๐Ÿ’ผCELO Wallet
      • ๐ŸŽฎRPC & REST API
    • โžฐCentrifuge
      • ๐ŸŽฎRPC & REST API
    • ๐ŸŒŒCosmos
      • ๐ŸŽฎRPC & REST API
      • ๐ŸŽŠEnriched APIs
        • Transaction Search
        • Rewards API
    • ๐Ÿ’ŽEthereum
      • ๐ŸŽฎRPC & REST API
    • ๐ŸงŠFantom
      • ๐ŸŽฎRPC & REST API
    • ๐ŸฆKusama
      • ๐ŸŽฎRPC & REST API
    • ๐Ÿ“ฑMina
      • ๐ŸŽฎRPC & REST API
        • Indexer API Documentation
        • Query Mina GraphQL API
    • ๐ŸŒˆNEAR
      • ๐ŸŽฎRPC & REST API
      • ๐ŸŽŠEnriched APIs
        • Indexer API
      • ๐Ÿ’ผNEAR Wallet
    • ๐Ÿ๏ธOasis
      • ๐ŸŽฎRPC & REST API
        • Oasis REST API
    • ๐ŸงชOsmosis
      • ๐ŸŽฎRPC & REST API
    • ๐ŸกPolkadot
      • ๐ŸŽฎRPC & REST API
      • ๐ŸŽŠEnriched APIs
        • Indexer API
        • Transaction Search
    • โ›ฝPolygon (Matic)
      • ๐ŸŽฎRPC & REST API
    • ๐Ÿ”‹Solana
      • ๐ŸŽฎRPC & REST API
    • ๐Ÿ“šExtra Guides
      • Blockchain Fundamentals
      • Docker Setup for Windows
      • Troubleshooting CORS Errors on DataHub
      • 5XX Retry Logic Best Practices
        • 5XX Retry Logic Best Practices - NodeJS
        • 5XX Retry Logic Best Practices - Python
        • 5XX Retry Logic Best Practices - Ruby
        • 5XX Retry Logic Best Practices - Go
      • Setting up a fresh JavaScript Project with dotenv
      • Getting started with dotenv and .env files
      • Rust Learning Resources
      • Setup Solana BPF Toolchain on Windows
      • Figment Learn Pathway Troubleshooting
  • ๐Ÿค”Other
    • ๐ŸงพGlossary
    • ๐Ÿ—ณ๏ธSupport
  • ๐Ÿ”—Terms & Conditions
    • Terms of Use
    • Terms & Conditions DataHub
    • Privacy Policy
    • Contributor Terms
Powered by GitBook
On this page
  • What is CORS?
  • Add Allowed Origin
  • Delete Allowed Origin

Was this helpful?

  1. DataHub Guides
  2. Dashboard how-tos

Configuring CORS whitelist

Manage Allowed Origins for your DataHub Apps to prevent CORS errors

PreviousDashboard how-tosNextNetwork Guide

Last updated 3 years ago

Was this helpful?

What is CORS?

Cross-Origin Resource Sharing () is an HTTP-header-based mechanism that allows a server to indicate any other (domain, scheme, or port) than its own from which a browser should permit the loading of resources.

Allowed Origins

Access-Control-Allow-Origin headers, Allowed Origins, could have one or many domain addresses that you may whitelist in DataHub to comply with the default DataHub CORS policy: you need to whitelist all domains that could be a part of a cross-origin request.

CORS request example

An example of a cross-origin request: the front-end JavaScript code served from https://domain-a.com uses XMLHttpRequest to make a request for https://domain-b.com/data.json. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts.

CORS error example

CORS Errors are common when youโ€™re working with APIs and itโ€™s important to handle them effectively due to security reasons.

Access to fetch at 'https://solana--mainnet--rpc.datahub.figment.io/' 
from origin 'http://localhost:3000' has been blocked by CORS policy: 
Response to preflight request doesn't pass access control check: No 
'Access-Control-Allow-Origin' header is present on the requested 
resource. If an opaque response serves your needs, set the request's 
mode to 'no-cors' to fetch the resource with CORS disabled.

Add Allowed Origin

  1. Navigate to your App settings.

  2. In the Allowed Origins section, add a domain address, that includes protocol, hostname, and optionally port. Example: http://localhost:9000 or wss://uniswap.org.

  3. Click Save and save your changes to the Allowed Origins list. If you see errors upon saving you need to fix them first and click Save to revalidate and save.

Delete Allowed Origin

  1. Navigate to your App settings.

  2. In the Allowed Origins section, delete a domain address.

  3. Click Save and save your changes to the Allowed Origins list.

๐Ÿ“–
๐Ÿ’ก
CORS
origin