Access to /continue from origin 'http://localhost:3000' has been blocked by CORS policy?

Hi,

I’m trying to redirect new users to a custom consent page in order to get user consent after the first log using auth0 redirect rules.
The application doesn’t support signup so I had to do this after the initial login.

I followed option 4 from this document
[GDPR: Track Consent with Custom UI](https://GDPR: Track Consent with Custom UI)

Added the redirect rule + made a consent page with submit checkbox to save user consent and redirect to the application but I get:

Access to fetch at 'https://dev-xxx-xx.auth0.com/continue?state=g6Fo2SBQd2JlRHZkempBM1VpUlpmRkpsVjVFX1VXTjlIYkFHWqN0aWTZIHRLQzYzTHEyakk5VGJjUHUzNDV5YWZmNDgzS29oMDdBo2NpZNkgbm5zeUZ2eGV6VkVnYmd2aGRBb0hiNk5TOFFJTTVGdEw' from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I checked the application CORS, web origin, callback URLs, and all of them are set correctly.

Here is a snippet of the react code that I use on form submit.

const handleSubmit = (event) => {
    event.preventDefault();
    let url = window.location.href;
    let params = queryString.parse(url);
    fetch(
      "https://" +
        config.REACT_APP_AUTH0_DOMAIN +
        "/continue?state=" +
        params.state,
      {
        method: "GET",
        crossDomain: true,
        headers: {
          "Cache-Control": "no-cache",
          "Content-Type": "text/html",
        },
      }
    );
  };

Any help appreciated.

Thanks!

Hi,
I am facing the same issue, not documentation no where :frowning:

How did you solve it?

Hi @asaf.shochet, and anyone else looking for this,

If you are still facing this issue, I had a similar problem, and essentially the problem is that /continue only support URL redirection, meaning, we cannot make an ajax call. It can only be triggered by a browser redirect (window.location.href = …/continue…).

See CORS Error when trying to POST to /continue
and /continue returning 401 - how to catch that error to redirect the user somewhere else

Cheers.