Cors error upon redirect


I am trying to have a backend and frontend loosely coupled, meaning that I would like to host them on separate servers on different port. But currently I am facing an issue where I am getting a CORS-error from your CSP-policy: Access to XMLHttpRequest at '' (redirected from 'http://localhost:3000/twitch/auth?xxx') from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Is their any way around this, or does the server doing the redirect and redirect uri have to come from the same place?

thanks for the reply


Errr what are you doing to get this error to start with?

I have the server and client separated on two different locations ( and localhost:3000). The client requests the server which then redirects to twitch, but then I get the CORS.

Sounds like you are not redirecting the user.

You literally need to send the users web browser to Twitch.

The server shouldn’t be fetching itself.

This is suggested by the error saying XMLHttpRequest

Which suggests you are using JS Fetch or XMLHttpRequest and not issuing a HTTP Redirect to redirect the browser.

You either need a <a href="the link to twitch"> or to redirect the user to the link to twitch

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.