Algobook
- The developer's handbook
HomeArticlesAPIs
mode-switch
Algobookclose-icon
nav-iconHomenav-iconArticlesnav-iconAPIsnav-iconAboutnav-iconContact usnav-iconCookie policy
back-button
Buy Me A Coffee
Thu Mar 16 2023

How to setup CORS on a Node js express server

In this article, we will briefly go through how to setup a basic NodeJs server with express, and give it some CORS restrictions.

What is CORS?

So, before we jump in to the code. Let's briefly just discuss what CORS is, and how it is working. So CORS stands for Cross-Origin Resource Sharing, and it is basically used for browsers checking whether an origin is allowed to gain access to a servers response, other than its own origin. E.g, if you have a website called webshop.com and you have an API with some business logic, you probably have the server hosted on the same URL, or on a subdomain, like api.webshop.com. By default, no other origin but the same, will be able to read the response from the server. So if webshop-2.com makes a request, it will fail.

However, this can be solved by setting some rules on the server, to tell the browser which origins are allowed to read the responses. Which we will cover in this post.

To read more details about CORS, visit mozilla developer page.

Prerequisites

  • Visual code or similar text editor
  • npm
  • Node

Let's start

Let's start with creating the actual project.

Installing dependencies

  • Type npm init in your terminal and follow the steps
  • Type npm install express in your terminal for getting express
  • Type npm install cors for getting the middleware we are going to use

Creating our server

  • Create a file called index.js in the root of your folder.

Now lets write some code:

// Import our dependencies
const express = require("express");
const cors = require("cors");

const app = express();

// Specify our allowed origins
const allowed = ["https://webshop.com, https://webshop-2.com, http://localhost:3000"];

// Setting up CORS options
const options = {
  origin: (origin, callback) => {
    if (allowed.indexOf(origin) === -1) {
      return callback(new Error("Origin not allowed"), false);
    }
    return callback(null, true);
  }
};

// Adding the middleware
app.use(cors(options));

// Setting up an example endpoint
app.get("/ping", (req, res) => {
  res.json({ msg: "pong" });
});


// Start the server
app.listen(80, function () {
  console.log("Web server listening on port 80");
});

That is it. Now our server will only accept request from either https://webshop.com, https://webshop-2.com or http://localhost:3000. All other origins will receive an error like origin has been blocked by CORS policy.

  • Start the server by typing node index.js and you should be able to test your endpoint.

Outro

So, this was a super simple example and there is a ton of more reading and exploring to be done regarding this topic. For this tutorial, we will end here. But we will do more advanced example in the future and post it here on the site. I hope you enjoyed and found this post useful!

signatureThu Mar 16 2023
See all our articles
Liked what you just read? Check out our related articles below
How to create and decode QR codes in NodeJs-thumbnailHow to create and decode QR codes in NodeJsIn this tutorial, we will show how we can create QR codes using NodeJs and also how to decode already created QR codes.
Fri Jun 02 2023
Introduction to web scraping with Puppeteer-thumbnailIntroduction to web scraping with PuppeteerA guide on how to scrape a website using Puppeteer. We will see how we can retrieve the content of https://react.dev and print in the console.
Tue May 30 2023
Build a full stack application with React and NodeJs-thumbnailBuild a full stack application with React and NodeJsA tutorial on how to build a simple full stack application with React in the client side and NodeJs in the backend.
Sat May 27 2023
How to convert a text file and its content to a JSON file with correct structure-thumbnailHow to convert a text file and its content to a JSON file with correct structureA guide on how to create a JSON file from a txt file in NodeJs. We will also make sure that the content is formatted in correct JSON format.
Tue May 23 2023
How to send email in NodeJs with Gmail - using nodemailer-thumbnailHow to send email in NodeJs with Gmail - using nodemailerA guide on how to use Gmail and Google OAuth 2.0 to send emails with NodeJs and nodemailer.
Mon May 22 2023
How to send email in NodeJs with a Yahoo mail using nodemailer-thumbnailHow to send email in NodeJs with a Yahoo mail using nodemailerA tutorial on how to send emails in NodeJs using nodemailer. Our sender email will be a Yahoo address and we will cover how to authenticate using app passwords.
Sun May 21 2023
Fast and easy way to secure your Node express API using Helmet-thumbnailFast and easy way to secure your Node express API using HelmetA quick guide on how to secure a Node express API with helmet.
Tue May 16 2023
Hash passwords in NodeJs using bcrypt-thumbnailHash passwords in NodeJs using bcryptA tutorial on how to use bcrypt in NodeJs to hash passwords and compare them afterwards.
Fri May 12 2023
Setup puppeteer with Docker-thumbnailSetup puppeteer with DockerIn this guide we will show how to setup a puppeteer service in NodeJs with Docker.
Sat May 06 2023
Introduction to caching in a NodeJs API-thumbnailIntroduction to caching in a NodeJs APIIn this guide we will show how we can set up a simple cache in NodeJs. We will use node-cache library from npmjs.com in this article.
Sun Apr 30 2023
How to parse XML data to JSON in NodeJs-thumbnailHow to parse XML data to JSON in NodeJsIn this tutorial, we will show how we can parse XML in NodeJs in to a JSON object. We will use fast-xml-parser library in this guide.
Sat Apr 29 2023
Algobook
- The developer's handbook
HomeArticlesSoftware