Here’s a detailed answer to add CORS without plugins: The code has been taken from here.
Read about CORS Security here.
const http = require('http');
const port = 8080;
http.createServer((req, res) => {
const headers = {
'Access-Control-Allow-Origin': '*', /* @dev First, read about security */
'Access-Control-Allow-Methods': 'OPTIONS, POST, GET',
'Access-Control-Max-Age': 2592000, // 30 days
/** add other headers as per requirement */
};
if (req.method === 'OPTIONS') {
res.writeHead(204, headers);
res.end();
return;
}
if (['GET', 'POST'].indexOf(req.method) > -1) {
res.writeHead(200, headers);
res.end('Hello World');
return;
}
res.writeHead(405, headers);
res.end(`${req.method} is not allowed for the request.`);
}).listen(port);
// You can also set using the following method
res.setHeader('Access-Control-Allow-Origin', '*'); /* @dev First, read about security */
res.setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
res.setHeader('Access-Control-Max-Age', 2592000); // 30 days
res.setHeader('Access-Control-Allow-Headers', 'content-type'); // Might be helpful