Linking backend with frontend

I have set up locally (same machine (debian)):

  • backend from github . com/GIScience/openrouteservice on port 8082
  • frontend from github . com/GIScience/ors-map-client on port 8085

Every request which I send to backend works (I’m getting the response, tested with postman). The problem is when I try to send it from frontend. I have changed service endpoint for directions to ip:8082/ors/v2/directions. On map I’m getting “It was not possible to find a route connecting the places with the selected profile and filters” and in console I’m getting “Access to XMLHttpRequest at ‘ip:8082/ors/v2/directions/driving-car/geojson’ from origin ‘ip:8085’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource”. It worked perfectly fine before I switched to my own backend. Anyone knows what possibly I’m doing wrong? Is this CORS error by frontend or backend side? Did someone have similar issue and fix it?

Removed http from links because new users can only make post with max 2.

Hi @Kamil_Lenartowicz,

how exactly are you starting the backend?
Depending on how you do it, the Access-Control-Allow-Origin Header might not be set to * for requests to your backend.
For example: if you use mvn tomcat7:run instead of mvn tomcat7:run-war the header will not be added.

Best regards

I’m using mvn tomcat7:run-war

Hmm probably neither a frontend nor backend but rather an infrastructure thing:

for backend:

  • check your target/ors/WEB-INF/web.xml file. It should have the following part:
<display-name>OpenRouteService API</display-name>
	<!-- FILTERS -->
    <filter>
		<filter-name>CorsFilter</filter-name>
		<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
		<init-param>
			<param-name>cors.allowed.origins</param-name>
			<param-value>*</param-value>
...
  • Also, if you sent a request from postman directly to your backend, check the Headers tab of the response and verify that the Access-Control-Allow-Origin is set to *

If both of above is true, it might be an issue with the preflight (OPTIONS) request that is sent by default in the browser that is not handled correctly on the server you are running the backend on.

Open the network tab of your frontend before running the request and check if the OPTIONS request actually returns with 20X.
I guess that’s your problem.

Are you running frontend and backend on different machines?
Best regards

Web.xml is configured correctly and the header is set to *.
Both frontend and backend are run on the same machine.
OPTIONS returns 403 Forbidden

Edit.
Only backend ors api responses with CORS. The local pelias geocoding api works good on the frontend. Backend is fresh downloaded with few changes in ors-config (elevation off, less profiles) to build only car graph. I’m building it with mvn package and mvn tomcat7:run-war

Edit2:
Problem is solved, if anyone has similiar issue then simply add Authorization to cors.allowed.headers in web.xml