Hello, the issue is really a simple one, invoking an Edge Function causes the call to get a CORS error, while in postman, I can make the call in a very simple way and it works. We might need something like a CORS checkbox for REST API I’m guessing?
Should be handled on supabase side, please check this documentation CORS (Cross-Origin Resource Sharing) support for Invoking from the browser | Supabase Docs
Hey, is there any chance that something changed after today’s update? I’m getting CORS errors, even though the setup is the same. Postman works fine. In the Supabase Logs, I see the preflights getting 200 and the requests are getting 200 as well.
Could you share a screenshot of your request in the network tab ?
We didn’t update anything related to supabase.
I’ll have to check with the team, but last time I checked it worked, and we haven’t updated it since yesterday. Might be our thing too. I’ll be letting you know. Postman and calling it with REST with your guy’s CORS option seems to work.
We’re answering to the preflights with this
serve(async (req) => {
if (req.method === "OPTIONS") {
return new Response("ok", { headers: corsHeaders });
}
...
And the corsHeaders are imported as Supabase suggest and look as follows
export const corsHeaders = {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Headers":
"authorization, x-client-info, apikey, content-type",
};
And are the headers present in the response ? You need to scroll down to see if they are here or not, probably not, maybe supabase is now overriding your response header idk
Postman dont have CORS issue as its serverside, same for REST with the proxy request.
So there is no CORS headers in your response.
You probably forgot to add your corsHeaders to your POST response. You only return them for your OPTIONS request.
Yes, it seems like we send them only with the preflight and on error for some reason. Thank you for helping me out
It would be nice if someone can create a tutorial on this topic.
while there are a many ways to do it, an easy one is to use libraries with this feature and tutorials out of the box:
setup project for supabase function with honojs: Supabase Edge Functions - Hono
add builtin cors handling: CORS Middleware - Hono
Hono is a great way to do this indeed, I highly suggest using it. If you wanna set CORS without using it though, it’s fairly simple. Just follow this tutorial. CORS (Cross-Origin Resource Sharing) support for Invoking from the browser | Supabase Docs