To grant access from 3rd party sites to your site resources let's say your Restful services , You need to configure it first, Otherwise as a security concern, Browser itself deny the request.
How to enable access from myjsapp.com to Drupal 8/9 site.
Goto sites/default folder
Copy the default.services.yml file, and place in the same folder and rename it services.yml
Now find the cors.config section, it looks like this as default.
Change enabled to true, Set allowed headers to 'x-csrf-token', 'content-type', 'accept' etc.,
Change the allowedOrigins from [*] to your authorized applications. ex: http://myreactapp.local:8000
# Configure Cross-Site HTTP requests (CORS).
# Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
# for more information about the topic in general.
# Note: By default the configuration is disabled.
cors.config:
enabled: false
# Specify allowed headers, like 'x-allowed-header'.
allowedHeaders: []
# Specify allowed request methods, specify ['*'] to allow all possible ones.
allowedMethods: []
# Configure requests allowed from specific origins.
allowedOrigins: ['*']
# Sets the Access-Control-Expose-Headers header.
exposedHeaders: false
# Sets the Access-Control-Max-Age header.
maxAge: false
# Sets the Access-Control-Allow-Credentials header.
supportsCredentials: false
No comments:
Post a Comment