CORS & CSRF settings for SSR

ajskates98

last month

Hi!

I am using NextJS alongside Payload for my website.

I am using the app directory and as such a lot of my data fetching happens serverside.

When I am running locally, next runs on

localhost:3000

and payload runs on

localhost:3001

When running in production they are in sibling docker-compose containers. This means that they can send requests to each other using

http://payload:3001

and

http://next:3000

respectively.

How would I set up my config to allow for serverside requests. I have only tried in dev so far and have tried passing

["localhost:3000"]

to both the

cors

and

csrf

properties, as well as trying the wildcard option.

I consistently get a 403 Forbidden error when trying to fetch data.

Thanks in advance!

notchr
last month
@ajskates98 Morning! Can you please share the specific CORS / CSRF error? Is it an allowed origin error?
ajskates98
last month
It was a PICNIC error :/

I hadn't configured access in my collection
notchr
last month
Picnic?

Ahh that will do it
ajskates98
last month
Problem in chair, not in computer
notchr
last month
Ahhhhh

lmao

well I'm glad it's resolved

Star

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.