Thread Discussion

Access to fetch at 'https://<hubspot_portal_id>.hs-sites.com/hs/serverless/notifications' from origin 'http://localhost:4100' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

const axios = require('axios');

exports.main = async (context) => {
try {
    const { Origin } = context.headers;
    const allowedOrigins = [
      'http://localhost:4100'
    ]

    if(!allowedOrigins.includes(Origin)) {
      return {
        statusCode: 500,
        body: { error: 'Not allowed.' },
        headers: {
          'Content-Type': 'application/json'
        }
      };
    }

    console.log({
      Origin, 
      allowedOrigins,
      test: !allowedOrigins.includes(Origin)
    })

    const headers = {
      Authorization: `Bearer ${process.env.PRIVATE_APP_ACCESS_TOKEN}`,
      'Access-Control-Allow-Origin': '*',
      'Content-Type': 'application/json',
    }
...