502 (Bad Gateway) error while listening to operation hook on Loopback 3 using MongoDB

Question

Here's the situation:

I have a client application (Angular 8/Ionic 4) that is calling a API (Loopback) with a PATCH.

I listen to the "after save" hook of a certain model, which the datasource is PostgreSQL. When this hook gets triggered, I call a model that the datasource is MongoDB to perform an UpsertWithWhere operation in this MongoDB model.

The problem is that I get the following error with code 502:

Access to XMLHttpRequest at 'https://dev-api.celsoonline.com.br/api/v2/Encontros' from origin 'http://dev-aluno.celsoonline.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

So, you might think: "Missing cors configuration". But It's not. I have already configured it, in 3 different locations:

1 - server.js

const cors = require('cors')
app.use(cors())

2 - middleware.json

"cors": {
 "params": {
    "origin": true,
    "credentials": true
  }
}

3 - config.json

"remoting": {cors: true}

The MongoDB is at the Atlas server, with network access allowed to all IPs (0.0.0.0/0)

Can anyone help me on this? I'm currently working on a dev environment hosted on AWS. Running locally the error do not occur.

What am I missing?

Thanks!

What’s the HTTP status code of the response? You can use the Network pane in browser devtools to check. Is it a 4xx or 5xx error rather than a 200 OK success response? — sideshowbarker, Oct 11 '19 at 10:32
Th 502 (Bad Gateway) error is the actual problem that needs to be fixed. If you fix that, you’re likely going to find that your existing CORS config is already working as expected. The only reason the browser is logging that CORS message is that a 502 error is never going to include CORS headers. — sideshowbarker, Oct 12 '19 at 22:52

score -1 · Answer 1 · answered Oct 10 '19 at 07:26

-1

Sometimes firewall issue happens so ones more check your IP in AWS

answered Oct 10 '19 at 07:26

shiva

209
2
5

Antoniossss · Answer 2 · 2019-10-10T07:37:04.717

-1

Work on the same domain to avoid CORS rules or disable CORS in browser (eg plugin in Firefox)

Other than that, follow on how to setup CORS on server.js https://github.com/expressjs/cors

 "origin": true,

it should be false to disable CORS check

edited Oct 10 '19 at 07:37

answered Oct 10 '19 at 07:31

Antoniossss

31,590
6
57
99

I dont't think this flag is for "CORS checking", but for allowing Cross Origin requests, ins't it? – Gabriel Cabral Oct 12 '19 at 17:32
thats the point, you want to allow any origin. Actual check is made by browser locally. – Antoniossss Oct 12 '19 at 17:46

502 (Bad Gateway) error while listening to operation hook on Loopback 3 using MongoDB

2 Answers2