Simplify your stack and build anything. Or everything.
Build tomorrow’s web with a modern solution you truly own.
Code-based nature means you can build on top of it to power anything.
It’s time to take back your content infrastructure.

CORS & CSRF settings for SSR

default discord avatar
ajskates98last year
5

Hi!



I am using NextJS alongside Payload for my website.



I am using the app directory and as such a lot of my data fetching happens serverside.



When I am running locally, next runs on

localhost:3000

and payload runs on

localhost:3001

When running in production they are in sibling docker-compose containers. This means that they can send requests to each other using

http://payload:3001

and

http://next:3000

respectively.



How would I set up my config to allow for serverside requests. I have only tried in dev so far and have tried passing

["localhost:3000"]

to both the

cors

and

csrf

properties, as well as trying the wildcard option.



I consistently get a 403 Forbidden error when trying to fetch data.



Thanks in advance!

  • default discord avatar
    notchrlast year
    @1121426427565326520

    Morning! Can you please share the specific CORS / CSRF error? Is it an allowed origin error?

  • default discord avatar
    ajskates98last year

    It was a PICNIC error :/



    I hadn't configured access in my collection

  • default discord avatar
    notchrlast year

    Picnic?



    Ahh that will do it

  • default discord avatar
    ajskates98last year

    Problem in chair, not in computer

  • default discord avatar
    notchrlast year

    Ahhhhh



    lmao



    well I'm glad it's resolved

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.