Not allow CORS access

Hello All

I have deployed a Kalix app with Action and Event Sourced Entity. After the application deployment, I can see that the route setting shows the CORS Enabled setting is NO, so I suppose that my Kalix app allows the call from different origin.

Then, I created a web application and provide a HTML which has a javascript to do fetch on the action/entity endpoint on the Kalix app. However, it is failed with CORS error.

Here is the flow

  • Chrome Browser ------load-------> HTML page from a web application running on domain A
  • Chrome Browser ------submit----> Kalix app on domain B (CORS enabled in route setting is NO)
  • Chrome Browser get CORS error from Kalix app

May I know whether I miss any setting?

1 Like

OK, found the command yet. It is something like this:

kalix services expose [app-name] --enable-cors

but i have to remove the original exposed route and expose as a new route. Does it have way to enable and disable without re-expose the route? and can we set domain in the allowed cors list?