Enable CORS
Enabling CORS is required if you want to allow serving HTTP request to external clients.
For example, if you want to expose an API to some consumers: JS libraries, headless clients, and so on.
The code to enable CORS in Next.js is very simple. In fact, you can enable it using the following code:
function withCors() { const headers = new Headers(); headers.append('Access-Control-Allow-Origin', '*'); headers.append( 'Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, referer-path' ); return headers;}
Additionally, you need to handle OPTIONS
requests appropriately.
import { NextRequest } from "next/server";export async function GET(request: NextRequest) { if (request.method === `OPTIONS`) { return new Response(null, { headers: { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Methods': 'GET, HEAD, POST, PUT, DELETE', }, }); }}
In your Makerkit codebase, this function is already available in the ~/core/middleware/with-cors.ts
file.
To enable CORS, you can simply call it in your handler. If it fails, it will throw an exception with the appropriate HTTP status code.
import withCors from '~/core/middleware/with-cors';export async function GET(request: NextRequest) { const headers = withCors(); if (request.method === `OPTIONS`) { return new Response(null, { headers, }); }}