noonjs supports CORS. If CORS is not defined in the config, the server will have no CORS restrictions. To enable CORS, simply add your origin to the config. If you need to support cookies, set credentials to true as well.
{
...
"cors": {
"origin": "https://my-domain.com",
"credentials": true
}
...
}Alternatively, environment variables like CORS_ORIGIN=https://my-domain.com and CORS_CREDENTIALS=true achieve the same result. noonjs prioritizes environment variables over config.json.
If your frontend and backend are on different domains, subdomains, or ports, and you want to use authentication, make sure to define the CORS origin and enable credentials in the config.json or environment variables.