Adding a server to nestjs swagger gives a permission error

Question

When I add new server to a nestjs DocumentBuilder .addServer('http://localhost:7071') it thows a permission error when I try to execute routes at generated swagger page.

At the browser console it thows this error:

Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the document's Content Security Policy.

I already enable cors at the nestjs app with no luck!

app.enableCors();

Maybe I'm missing some security policy at the DocumentBuilder? Something like .addSecurity()? If it is the case How can I add this security policy?

Does the server running on port 7071 allow for calls from the server running the swagger page? — Jay McDoniel, May 06 '21 at 20:34

score 3 · Answer 1 · edited Sep 13 '21 at 08:09

3

This error is caused by wrong CORS config. To fix it:

Update swagger by adding :

.addServer('http://localhost:3000')

Add origin in CORS config (the address you're using) :

app.enableCors({origin: 'http://localhost:3000'});

edited Sep 13 '21 at 08:09

Thibault Walterspieler

2,272
2
15
25

answered Sep 12 '21 at 11:21

harian

156
2
7

Adding a server to nestjs swagger gives a permission error

1 Answers1