CORS fails due to OPTIONS /forest/sessions-google giving "404 Not Found"

Expected behavior

Forest Admin UI can access local node server backend.

Actual behavior

CORS in the browser (Google Chrome) fails because the express server returns a 404 Not Found for the OPTIONS /forest/sessions-google request made by the Forest Admin UI. All my own routes work fine. It may be worth noting that I am using node clustering but that it is set up in such a way that each client will connect to the same process in order to get socket-io auth to work properly.

Failure Logs

Express server logging:

image894×264 35.2 KB

Child(46425): req.headers { host: 'localhost:3000',
connection: 'keep-alive',
accept: '*/*',
'access-control-request-method': 'POST',
'access-control-request-headers': 'content-type',
origin: 'http://app.forestadmin.com',
'user-agent':
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko).  Chrome/87.0.4280.67 Safari/537.36',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'cross-site',
'sec-fetch-dest': 'empty',
referer: 'http://app.forestadmin.com/',
'accept-encoding': 'gzip, deflate, br',
'accept-language': 'en-GB,en-US;q=0.9,en;q=0.8' }. 
Child(46425): [::1] OPTIONS /forest/sessions-google 404 9B - 0.354 ms

Context

app.use(
    '/forest',
    cors({
        origin: [/\.forestadmin\.com$/],
        allowedHeaders: ['Authorization', 'X-Requested-With', 'Content-Type'],
        credentials: true,
    }),
    forestRouter
);

const forestConfig = {
    modelsDir: __dirname + '/models',
    envSecret: process.env.FOREST_ENV_SECRET,
    authSecret: process.env.FOREST_AUTH_SECRET,
    mongoose: mongoose,
};

app.use(require('forest-express-mongoose').init(forestConfig));

• Package Version:
  “forest-express-mongoose”: “^3.2.4”
• Express Version:
  “express”: “~4.16.0”
• Mongoose Version:
  “mongoose”: “^5.7.10”
• Database Dialect:
  MongoDB
• Database Version:
  mongod --version
  db version v4.2.8

Hi @Richard_Garner , welcome in the community!

Thank you for your feedback, it is very detailed and it helps a lot!

I have a few questions. I’ll try to reproduce your issue, but as you seem to use a previous version of forest-express-mongoose, I suppose that your project is not new.

Can you confirm that all other forest routes are working, and that you only noticed the issue on this route /forest/sessions-google? Or was it working before and stopped working recently?

Can you share the version of the cors package?

Thanks

Hi again @Richard_Garner,

I could not reproduce your issue. Can you also share more info about how you use the variable named app in your example? Is it an express sub-application?

Are you handling cors elsewhere for other routes?

Apologies, yes I will be able to get you the information you require later. Thanks for the quick response!

Hi. Sorry for the delay in getting back to you on this.

I’ve tested the other routes and they all work fine. It just seems to be the forest one that gives the 404.

It has been working previously, but then I made some changes in that I started using node cluster for load balancing. However I can’t imagine this is related because it works fine in the clustered for all the other routes.

I will have a look at it again tomorrow to see if I can find out anything else about it.

Is there anything I can do with the node module to enable more verbose debugging?

Do you override PUBLIC_ROUTES womewhere in your code ?

No. Let me see if I can create a simplified version to see if I can work out what’s happening… The issue is I kind of inherited this part of the code so I’m trying to learn forest admin from back to front really. Thanks for your patience. I’ll get back to you hopefully with some more insights.

Turns out the problem was between the chair and the keyboard. Unrelated to forest admin.

This can be closed now. Sorry and thanks for your time!