HTTP Endpoints: Is CORS Necessary?
Will be building an API using the HTTP Endpoints and just wanted to confirm if using CORS is necessary? This would be to serve response JSON to various types of clients, including websites (specifically metadata server for NFT data), some of the requests may come from websites we know, some from those we don't (use wildcard for these?). Thanks!
2 Replies
Yes, other websites trying to use your service will likely have CORS issues if you don't set anything. You can set the headers manually, e.g. https://docs.convex.dev/functions/http-endpoints#cors
There's a fun tool to figure out what your headers should be here:
https://httptoolkit.com/will-it-cors/
And a post on using Hono as an http library (which has things like CORS middleware) on top of Convex:
https://stack.convex.dev/hono-with-convex
Will It CORS? - a CORS debugging tool that actually works.
Literally nobody understands CORS, except this one magic web page
Advanced HTTP Endpoints: Convex ❤️ Hono
Adding advanced HTTP Endpoint functionality by extending Convex with Hono.
HTTP Endpoints | Convex Developer Hub
HTTP endpoints allow you to build an HTTP API right in Convex!
Got it! Thanks for confirming