CORS
Cross-origin resource sharing (CORS) is a mechanism that allows resources to be requested from another domain. Under the hood, Nest makes use of the Express cors package. This package provides various options that you can customize based on your requirements.
Getting started
To enable CORS, call the enableCors()
method on the Nest application object.
const app = await NestFactory.create(AppModule);
app.enableCors();
await app.listen(3000);
The enableCors()
method takes an optional configuration object argument. The available properties of this object are described in the official CORS documentation. Another way is to pass a callback function that lets you define the configuration object asynchronously based on the request (on the fly).
Alternatively, enable CORS via the create()
method’s options object. Set the cors
property to true
to enable CORS with default settings. Or, pass a CORS configuration object or callback function as the cors
property value to customize its behavior.
const app = await NestFactory.create(AppModule, { cors: true });
await app.listen(3000);
Above method only applies to REST endpoints.
To enable CORS in GraphQL, set cors
property to true
or pass CORS configuration object or a callback function as the cors
property value when you import GraphQL module.
warning Warning
CorsOptionsDelegate
solution is not working with theapollo-server-fastify
package yet.
GraphQLModule.forRoot({
cors: {
origin: 'http://localhost:3000',
credentials: true,
},
}),