Ever try to work with the Magento v2.3+ GraphQL API from your browser and see the following?
Access to XMLHttpRequest at 'https://my.magento.app' from origin 'http://my.local.env' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.This package allows you to add the necessary CORS headers to Magento 2 with ease.
When building a headless application for Magento, or working with a client that respects the CORS protocol, you will need CORS headers on your backend resource.
This package will add configurable CORS Resource headers to the Magento 2 GraphQL API, allowing you to access the GraphQL API from your browser.
This module is intended to be installed with composer. From the root of your Magento 2 project:
- Download the package
composer require leventures/magento2-cors- Configure the package
- Enable the package
./bin/magento module:enable Graycore_Cors- Configurable
- Respects the full CORS Protocol
Access-Control-Allow-OriginAccess-Control-Allow-MethodsAccess-Control-Allow-HeadersAccess-Control-Max-Age
- Security By Default