Hi ory team Do you have any advice on how to get around this

Question

Hi ory team Do you have any advice on how to get around this preflight cors issue Environment Ory cloud React + vite using the `submitSelfServiceLoginFlow` after `initializeSelfServiceLoginFlowForBrowsers` the GET requests works though altered from the self service ui repository

damp-sunset-69236 · Answer

Hello What s your setup What do you use as ingress controller e g Nginx Envoy traefik

damp-sunset-69236 · Answer

Ah Sorry I read the error

bored-fountain-61952 · Answer

Hi < U02U9MSKL9X> Can I provide you with any additional information that could help to pinpoint the error We are currently only testing locally localhost 3000 Using the ory proxy doesn t make a difference Also switching browsers didn t change anything Chrome lt gt Firefox We use CORS Unblock to test locally Appreciate any help slightly smiling face

damp-salesclerk-26574 · Answer

this is how we solved our similar errors <https ory community slack com archives C012RJ2MQ1H p1643808666531659 thread ts=1643729372 375029 amp cid=C012RJ2MQ1H>

bored-fountain-61952 · Answer

I tried adding `` `` `` `` to the allowed redirect urls in ory cloud but they don t seem to have any effect Do I have to use a `kratos yml` when I use ory cloud I thought that was only needed when you develop with ory running in a docker container locally

bored-fountain-61952 · Answer

Ok I actually figured that one out myself after reading <https cors errors info error messages aa2f|this> resource The trick was to only configure the request on the initializing of the self service login flow with the `withCredentials true` axios option set to true instead of having it on the base configuration Now fighting again with the `403` that the `csrf tokens` don t match Any tipps for that

bored-fountain-61952 · Answer

It seems like the `set cookie` with the `csrf token` is not set on localhost since we do not have secure connection there Any ideas on how we could get around that to make it work on local chrome

important-fall-74969 · Answer

Hi after you initialise the login flow can you see any cookie s being set at all And do you pass in the `csrf token` that you get back from the ui nodes into the `submitSelfServiceLoginFlow`

proud-plumber-24205 · Answer

Hi < U0340R7F492> Are you running your local setup through the Ory Proxy e g your app is on localhost 3000 while the Ory proxy is on localhost 4000 so chrome should be on localhost 4000 and the requests should go through localhost 4000 ory

proud-plumber-24205 · Answer

Also make sure your browser proxy and app must be on the same host e g localhost and not mixed between localhost and 127 0 0 1

bored-fountain-61952 · Answer

< U01MTU9E4CF> Hi Alano sorry for not replying I was out of office due to a covid infection sweat smile I do run the local setup through the ory proxy but my login url is localhost 4000 auth login Can I not use a custom route in the frontend I get a `csrf token` as a UINode and send it in the post request but the cookie is not set When trying to use the `withCredentials` flag for the post request it fails with a CORS error Without them obviously the CSRF Token to validate against is missing

proud-plumber-24205 · Answer

Hi < U0340R7F492> You can have custom routes on your frontend app The proxy only reserves the ` ory` path When calling an Ory API for example you would have to point your frontend application to the proxy url + ` ory` + ory api ` api kratos public self service `

proud-plumber-24205 · Answer

Please check out this thread <https ory community slack com archives C02MR4DEEGH p1646623854027749>

bored-fountain-61952 · Answer

< U01MTU9E4CF> Awesome following the thread worked Do you plan to add a react example in the future or should we I add a pr for that

proud-plumber-24205 · Answer

We do plan on adding that but it would be awesome if you want to open a PR for that

proud-plumber-24205 · Answer

We have all of our examples here <https github com ory docs tree master code examples protect page login>

proud-plumber-24205 · Answer

and we run tests against them in here <https github com ory docs blob master tests playwright protect page login spec ts>

bored-fountain-61952 · Answer

I will do a stripped down version of our current implementation to meet the test requirements I hope I find some time for that in the next days Thank you heart

proud-plumber-24205 · Answer

< U011D3UQKNY> could you take a look at improving the docs here we have lots of questions regarding the proxy and getting cors errors etc Also < U0340R7F492> would like to contribute to the docs with an example slightly smiling face

magnificent-energy-493 · Answer

Hello < U0340R7F492> Would love to take a look at your react example I am tinkering on one myself but I am not sure if I got the protected route right see no evil So feel free to tag me in a PR or DM me pray < U01MTU9E4CF> That is a good point I have some issues open for You already have some idea where this would fit best concepts cors or maybe a Troubleshooting guide thinking face probably all of those Would you be willing to open an issue for me so I can track it then you can also include what is most important from your POV pray gratitude merci

bored-fountain-61952 · Answer

Bear in mind that this is a work in progress PR and not yet finished <https github com ory docs pull 691>