when edit layout mode is active (1), we tried to show different collections, but each one receive CORS error.
the errors:
Access to fetch at ‘https://api.forestadmin.com/api/layout’ from origin ‘https://app.forestadmin.com’ has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response.
// Support for request-private-network as the `cors` package
// doesn't support it by default
// See: https://github.com/expressjs/cors/issues/236
app.use((req, res, next) => {
if (req.headers['access-control-request-private-network']) {
res.setHeader('access-control-allow-private-network', 'true');
}
next(null);
});
app.use('/forest/authentication', cors({
...corsConfig,
// The null origin is sent by browsers for redirected AJAX calls
// we need to support this in authentication routes because OIDC
// redirects to the callback route
origin: corsConfig.origin.concat('null')
}));
app.use(cors(corsConfig));
If you could share the exact version it could be helpful so that I can reproduce.
I can see anyway that the allowed methods do not include the PATCH in our backend configuration, I have released a fix adding the method, hopefully unlocking your issue.
I should have been more specific, I meant to ask the specific version of your browser. As this is an error happening between your browser and our server.
Could you share with me a screen capture of the complete PREFLIGHT request ? the request headers and the response headers (if they are present or not).
One lead could also be if you are using chrome extensions or particular chrome configuration, can you try in private navigation with all extensions disabled ?
You can also try with another browser like firefox which is not chromium based.