Your CORS configuration seems correct and the fact that the response status is 200 while still getting a CORS error makes me think this is linked to ngrok’s browser warning on free accounts.
I will try to recreate the issue on my end for a fix to be made.
In the meantime could you, if you did not do it yet, access your app through the ngrok address on your browser ? I think it will dismiss the warning once you have accepted to continue on the website.
I have been able to reproduce the issue and it is indeed caused by ngrok’s browser warning.
Can I ask you the reason as to why you’re using ngrok for a development environment ? Giving a localhost address should work without any issue.
When creating the development environment, the wizard setup guide asked me to provide a SSL url, which we do not have on our dev environment. I figured using ngrok would be an easy workaround, but I just saw that I could edit the URL in the dev environment settings, and that it lets me put a non SSL url.
Could it be possible that the wizard setup forces users to use a SSL url even for dev environments? Maybe I landed on another wizard for a remote environment and got confused, that’s also a possibility.
Nevertheless, with the base http://localhost:3000, forest can’t seem to reach my local running server.
If you can confirm me that it should indeed work with that non SSL url, I’ll continue to dig as the issue must be on our side.
For development environment you can use local or SSL url, this should be the message that is displayed
// The url must be localhost (http://localhost[:port]) or a valid HTTPS address (https://my-local-secured-domain.com) for security purpose
And indeed, we require a secured address for remote/production environments.
http://localhost:3000 should work without issue for your development environment. If you do encounter an issue through the setup and it is on our side feel free to open a new topic so we can help you out!