Hi everyone!
To the point, I have an application is meteor and I have a doubt. Why when I set the headers to make a request to another domain I get a message that the value of the Access-Control-Allow-Origin header should not be ‘*’ If I have my credentials header in true ?.
If clearly the value of my Access-Control-Allow-Origin header is ‘localhost: 3000’.
I do not understand if you tell me one thing and it clearly is not. Can somebody help me? thank you all people very much.
server/main.js
import { Meteor } from 'meteor/meteor';
Meteor.startup(() => {
WebApp.connectHandlers.use((req, res, next) => {
res.setHeader("Access-Control-Allow-Origin", "http://localhost:3000");
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With, x-request-metadata');
res.setHeader('Access-Control-Allow-Credentials', "true");
next();
});
});