CORs issue when run on production server

default discord avatar
2 months ago

I have setup my payload app and deployed on Railway. However, it seems its ignoring my CORs settings, as im getting CORs error on front end. Config setup as below

//at top of file im calling below
  path: path.resolve(__dirname, '../.env'),

// cors config key in payload.config.ts
cors: [
    process.env.PAYLOAD_PUBLIC_SERVER_URL || '',
    process.env.PAYLOAD_PUBLIC_SITE_URL || '',

// env defined as

Im even checking for env and throwing error if undefined, and it doesn't throw, but its doesn't seem to add the


to cors.

Feel like I'm missing something silly here, but I can't place it. What am I missing?

Note: This is in a monorepo, containing payload and next, structure as below. If I dont require dotenv in payload config, then it doesnt build.


I should add that the payload app works fine. Have DB connection can login etc no problem.

  • default discord avatar
    last month

    Same error here

  • default discord avatar
    last month

    @tom.griffiths @ninotorres_ - This is not the permanent solution, but what happens if you modify your server.ts file to have CORS/CSRF config?

    (via express)

    const app = express();
    const router = express.Router();
        origin: [
        credentials: true,

    I know it's ideal to fix the .env var issue, but this might help temporarily

  • default discord avatar
    last month

    Thanks @notchr. I think I resolved my issue by fixing my Railway setup. I still had a docker file in my repo and I think Railway must have changed their auto build detection priorities, so it was building via the docker file instead of using nix packs. Once I deleted the docker file it picked up the vars and ran just fine.

  • default discord avatar
    last month

    No problem, glad to hear you solved it!

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!


Connect with the Payload Community on Discord



Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.