CORS Member CORS API Error/ Subscribe button no longer loading 4.2.0

After upgrading to 4.2.0, the Subscriber button no longer loads. I do see a CORS error in the chrome debugger relating to the members api. How can I resolve this?

  • What’s your URL? https://www.wallstreetkings.com/

  • What version of Ghost are you using? 4.2.0
    And

  • How was Ghost installed and configured? It is running on Heroku

  • What Node version, database, OS & browser are you using?

  • What errors or information do you see in the console?

Access to fetch at ‘Wall Street Kings | Rule the World of Finance and Investing’ from origin ‘https://www.wallstreetkings.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: Redirect is not allowed for a preflight request.
portal.min.js:3
[Portal] Failed to initialize: TypeError: Failed to fetch

  • What steps could someone else take to reproduce the issue you’re having? Go to the homepage and look at the error in the chrome developer console.

It also happens on the portal settings page. I do not get the error when running ghost locally.

Hi there,

Nothing has changed in Ghost that would affect this to the best of my knowledge, however it looks like you have a configuration issue:

Access to fetch at ‘Wall Street Kings | Rule the World of Finance and Investing from origin ‘https://www.wallstreetkings.com

This is correctly triggering CORS because you’re making the request across two different domains - the www. and root version. These are considered different domains from a CORS perspective (and everywhere to be honest).

From this it looks like wallstreetkings.com is your configured domain. You should setup www.wallstreetkings.com to 301 redirect, rather than also point at your site.