Mattermost, Inc.

CORS issue on mattermost

Does anyone knows how and where to configure to resolve the CORS issue in mattermost server?
Appreciate the help.

Hi, @joblemjose

In terms of configuration within Mattermost itself, I suggest you to check on the Configuration Settings documentation to understand the available setups which include:

  • Enabling CORS
  • CORS Exposed Headers
  • CORS Allow Credentials
  • CORS Debug

Can you please share more information on the CORS issue that you have run into? Screen shot(s) and configuration snippet will be really helpful to help us understand the problem better. Thanks.

Hello,

Below is the current configuration that set

Currently the response header allows
access-control-allow-methods: POST

How to include
access-control-allow-methods: POST, GET, POST

Getting the below error message now

Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

Let me know if this info sufficient?