CORS Problem with Capacitor 6 / Android

I am encountering an issue with Capacitor 6 on Android:

I took the sample from auth0-ionic-samples/angular at main · auth0-samples/auth0-ionic-samples · GitHub and updated it to Capacitor 6. After the update, clicking the login button takes me to the Auth0 login page, and after successful authentication, it returns me to the app. Previously, with Capacitor 5, I could see the profile information after logging in, but now with Capacitor 6, I still see the login button.

Android Studio shows the following log:
Access to fetch at '' from origin 'https://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

This issue does not occur with Capacitor 5 on Android or with Capacitor 6 in the browser on Windows.

Hi Tobias,
Could you try modifying the origin used by capacitor via the config’s server setting

In the Auth0 application settings, I initially had only http://localhost listed under Allowed Origins (CORS). However, with Capacitor 6, the requests are sent from https://localhost. Therefore, to ensure functionality, add https://localhost to the Allowed Origins (CORS).