CORS Member CORS API Error/ Subscribe button no longer loading 4.2.0

micromarty · April 14, 2021, 12:47am

After upgrading to 4.2.0, the Subscriber button no longer loads. I do see a CORS error in the chrome debugger relating to the members api. How can I resolve this?

What’s your URL? https://www.wallstreetkings.com/
What version of Ghost are you using? 4.2.0
And
How was Ghost installed and configured? It is running on Heroku
What Node version, database, OS & browser are you using?
What errors or information do you see in the console?

Access to fetch at ‘Wall Street Kings | Rule the World of Finance and Investing’ from origin ‘https://www.wallstreetkings.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: Redirect is not allowed for a preflight request.
portal.min.js:3
[Portal] Failed to initialize: TypeError: Failed to fetch

What steps could someone else take to reproduce the issue you’re having? Go to the homepage and look at the error in the chrome developer console.

micromarty · April 14, 2021, 3:39am

It also happens on the portal settings page. I do not get the error when running ghost locally.

Hannah · April 14, 2021, 12:57pm

Hi there,

Nothing has changed in Ghost that would affect this to the best of my knowledge, however it looks like you have a configuration issue:

Access to fetch at ‘Wall Street Kings | Rule the World of Finance and Investing from origin ‘https://www.wallstreetkings.com’

This is correctly triggering CORS because you’re making the request across two different domains - the www. and root version. These are considered different domains from a CORS perspective (and everywhere to be honest).

From this it looks like wallstreetkings.com is your configured domain. You should setup www.wallstreetkings.com to 301 redirect, rather than also point at your site.