CORS issue with javascript frontend


I can’t figure out, how to setup properly CORS policy for my discourse forum.
I have Discourse installed at and try to get post from thread using JSON API, for example from this path

I get error on frontend

has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’

The frontend app is hosted at using netlify so deploy previews have different domain.

I tried to setup cors origins setting in Discourse, but that don’t look to make any change. (tried ceratin domain with protocol, without protocol, with full URI and every other possibility, and even *)

Is it possible that nginx blocks some http parameters? Where should I look next?

I figured it out myself. I was in bad belief, that CORS policy is turned ON by default.

I edited app.yml and added DISCOURSE_ENABLE_CORS=true, rebooted app and all works fine.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.