CORS Problem with Capacitor 6 / Android

tobias.walter · June 27, 2024, 1:42pm

I am encountering an issue with Capacitor 6 on Android:

I took the sample from auth0-ionic-samples/angular at main · auth0-samples/auth0-ionic-samples · GitHub and updated it to Capacitor 6. After the update, clicking the login button takes me to the Auth0 login page, and after successful authentication, it returns me to the app. Previously, with Capacitor 5, I could see the profile information after logging in, but now with Capacitor 6, I still see the login button.

Android Studio shows the following log:
Access to fetch at 'https://project.eu.auth0.com/oauth/token' from origin 'https://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

This issue does not occur with Capacitor 5 on Android or with Capacitor 6 in the browser on Windows.

Fario_Consulting · June 28, 2024, 8:40pm

Hi Tobias,
Could you try modifying the origin used by capacitor via the config’s server setting

tobias.walter · July 18, 2024, 8:15am

In the Auth0 application settings, I initially had only http://localhost listed under Allowed Origins (CORS). However, with Capacitor 6, the requests are sent from https://localhost. Therefore, to ensure functionality, add https://localhost to the Allowed Origins (CORS).

system · August 1, 2024, 8:15am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.