Meteor Android CORS Issue

I have a Meteor 1.8.0.2 app with web cordova Android & iOS Apps. I used to move the app to play store mentioning the port in the create build statement.

meteor run android-device --mobile-server="http://www.sitename.com:3000"

But now, Every build is getting rejected because https not mentioned in the mobile server.

While Changing the mobile server to –mobile-server="http://www.sitename.com

Getting this as errror.
Access to XMLHttpRequest at 'https://www.sitename.com/sockjs/info?cb=imah9cuyow' from origin 'http://localhost:12160' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:12160, *', but only one is allowed.", source: http://localhost:12160/cookies (0)
Tried Things:

Tried these things to solve this: 

Meteor.startup(function() {
  console.log('Configuring content-security-policy:');
  BrowserPolicy.content.allowSameOriginForAll();
  BrowserPolicy.content.allowOriginForAll("http://meteor.local");
  BrowserPolicy.content.allowOriginForAll('https://www.specialneighborhood.com');
  BrowserPolicy.content.allowEval();
  BrowserPolicy.framing.disallow();
});

WebApp.rawConnectHandlers.use(function(req, res, next) {
  res.setHeader("Access-Control-Allow-Origin", "*");
  res.setHeader("Access-Control-Allow-Headers", "Authorization,Content-Type");
  return next();
});

But no solution found.

Server configuration:

• Mup Js Used for Deployment
• NGINX

Also attaching the code for mup.js

module.exports = {
  servers: {
    one: {
      host: 'sitename.com',
      username: 'ubuntu',
      pem:'~/new_pair.pem'
      // password:
      // or leave blank for authenticate from ssh-agent
    }
  },

meteor: {
    name: 'special',
    path: '../../special',
    volumes: {
      '/var/www/html/uploading_server/files/': '/var/www/html/uploading_server/files/'
    },
    servers: {
      one: {}
    },

    buildOptions: {
      serverOnly: true,
    },
   env:{
      ROOT_URL: 'http://sitename.com',
    	PORT:3000,
      MONGO_URL: 'mongodb://localhost/meteor'
    },
    dockerImage: 'abernix/meteord:node-8.4.0-base',
    deployCheckWaitTime: 60,
     enableUploadProgressBar: true,
  },


mongo: {
    oplog: true,
    port: 27017,
    servers: {
      one: {},
    },
  },
};

Let me know what’s missing and needs to be changed. Any help would be appreciated.
Thanks

The problem is probably with your Access-Control-Allow-Origin header. I recall setting up something similar, in my app I have:

  const origin = req.headers["Origin"] || req.headers["origin"] || "";
  res.setHeader("Access-Control-Allow-Origin", origin);

I think you can also get away with:

  res.setHeader("Access-Control-Allow-Origin", "http://*");
  res.setHeader("Access-Control-Allow-Origin", "https://*");

the issue being that you need to specify the protocol in addition to the * when you cross protocols.

I have configured the NGINX and added Access-Control-Allow-Origin *

Also, attaching the NGINX configuration for your reference.
Do I need to set up express also and set them?

server {
    listen 0.0.0.0:80;
    server_name sitename.com www.sitename.com;
    return 301 https://www.sitename.com$request_uri;
}

server {
      listen 80;
      server_name www.sitename.com www.sitename.com;
      return 301 $scheme://www.sitename.com$request_uri;
}

server {
      listen 443;
      # --
      # this could be your IP address, a subdomain or a full domain
      # --
      server_name sitename.com www.sitename.com;

    


      #    ssl_certificate /etc/letsencrypt/live/www.sitename.com/fullchain.pem;
       #  ssl_certificate_key /etc/letsencrypt/live/www.sitename.com/privkey.pem;

        ssl_certificate /etc/nginx/ssl/www_sitename_com/ssl-bundle.crt;
     ssl_certificate_key /etc/nginx/ssl/www_sitename_com/example_com.key;

    # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        #ssl_certificate /var/www/html/ssl/ssl-bundle.crt;
        #ssl_certificate_key /var/www/html/ssl/example_com.key;
      ssl on;
      access_log /var/log/nginx/access.plygrid.log;
      error_log /var/log/nginx/error.plygrid.log;
      location / {
            proxy_pass http://localhost:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header X-Forwarded-For $remote_addr;
               proxy_set_header        X-Forwarded-Proto $scheme;

add_header 'Access-Control-Allow-Origin' '*';

    add_header              'Access-Control-Allow-Credentials: true' always;
    add_header              'Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS' always;
    add_header              'Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,access_token,__setXHR_' always;
    if ($request_method = 'OPTIONS') {
        add_header          'Access-Control-Max-Age' 1728000;
        add_header          'Content-Type' 'text/plain charset=UTF-8';
        add_header          'Content-Length' 0;
        return              204;
    }
    }

}