firebasecorsfirebase-authenticationcross-domain

How to access Firebase from http://localhost:3000


I'm developing a React app, and I get this error when trying to sign in to Firebase using their email auth provider.

Failed to load https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=.....: 
Response to preflight request doesn't pass access control check: The
'Access-Control-Allow-Origin' header has a value 'https://localhost:3000' 
that is not equal to the supplied origin. Origin 'http://localhost:3000'
is therefore not allowed access.

(Notice the https on line 3 versus http on line 4)

It looks like they changed Access-Control-Allow-Origin from *, to the https version of whatever domain you're calling from?

Does this mean I now need to configure my React app to run as https://localhost:3000?


Solution

  • You want to create a .env file in the root of your project and set HTTPS=true. This will launch your app using a self signed certificate.

    Take a look at the advanced configuration options of create-react-app here

    https://github.com/facebook/create-react-app/blob/master/packages/react-scripts/template/README.md#advanced-configuration

    If you need more control over the certificate and do not want to eject. Take a look at react-app-rewired (https://github.com/timarney/react-app-rewired). You can config the devServer to use a custom certificate using the Extended Configuration Options here (https://github.com/timarney/react-app-rewired#extended-configuration-options)