The current backend does not have CORS (Cross-Origin Resources Sharing) which is to ensure where the request is sent. This feature prevents any alien entity to make a request to the server. Other than the known frontend domain, all non-specify cannot make any request to our server. Prevent at a certain level of CSRF attack
For this task:
- Install cors from npm and apply to
backend/app.js
- Add a frontend origin of this project to the
.env file
- Configure necessary variables of cors (Make sure to add frontend origin variable to Cors)
The current backend does not have CORS (Cross-Origin Resources Sharing) which is to ensure where the request is sent. This feature prevents any alien entity to make a request to the server. Other than the known frontend domain, all non-specify cannot make any request to our server. Prevent at a certain level of CSRF attack
For this task:
backend/app.js.envfile