Ever try to work with the Magento GraphQL API or REST API from your browser and see the following?
Access to XMLHttpRequest at 'https://my.magento.app' from origin 'http://my.webapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.This package allows you to securely add the necessary CORS headers to the Magento 2 GraphQL or REST APIs with ease.
When building a headless application for Magento, or working with a client that respects the CORS protocol, you will need CORS headers on your backend resource.
This package will add configurable CORS Resource headers to the Magento 2 GraphQL or REST APIs, allowing you to access the GraphQL or REST APIs from your browser.
This module is intended to be installed with composer. From the root of your Magento 2 project:
- Download the package
composer require graycore/magento2-cors- Configure the package
- Enable the package
./bin/magento module:enable Graycore_Cors-
Respects the full CORS Protocol
Access-Control-Allow-OriginAccess-Control-Allow-MethodsAccess-Control-Allow-HeadersAccess-Control-Max-AgeAccess-Control-Expose-HeadersAccess-Control-Allow-Credentials