CORS & CSRF settings for SSR

default discord avatar
ajskates98
last month
5

Hi!



I am using NextJS alongside Payload for my website.



I am using the app directory and as such a lot of my data fetching happens serverside.



When I am running locally, next runs on

localhost:3000

and payload runs on

localhost:3001

When running in production they are in sibling docker-compose containers. This means that they can send requests to each other using

http://payload:3001

and

http://next:3000

respectively.



How would I set up my config to allow for serverside requests. I have only tried in dev so far and have tried passing

["localhost:3000"]

to both the

cors

and

csrf

properties, as well as trying the wildcard option.



I consistently get a 403 Forbidden error when trying to fetch data.



Thanks in advance!

  • default discord avatar
    notchr
    last month

    @ajskates98 Morning! Can you please share the specific CORS / CSRF error? Is it an allowed origin error?

  • default discord avatar
    ajskates98
    last month

    It was a PICNIC error :/



    I hadn't configured access in my collection

  • default discord avatar
    notchr
    last month

    Picnic?



    Ahh that will do it

  • default discord avatar
    ajskates98
    last month

    Problem in chair, not in computer

  • default discord avatar
    notchr
    last month

    Ahhhhh



    lmao



    well I'm glad it's resolved

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.