[Coldbox 5.0] Lucee 5.2.7 Enabling cross-origin resource sharing

[Philippe Sambor]

I built and successfully tested an API resource on Coldbox. I now would like to call this API from my Vue.js client. When doing so, I get an error:  "No Access-Control-Allow-Origin header present on the requested resource" from the Javascript console. Although I fully understand the reason for this message, I am not sure what is the simplest and most secure approach to enable CORS with Coldbox. 

I would like to find out the solution currently available with Coldbox 5 to resolve this issue. Thanks in advance for your reply. 

[Eric Peterson]

The easiest way, in my opinion, is to use the cors module on ForgeBox.  https://forgebox.io/view/cors  Should be automatic in many cases.

[Philippe Sambor]

Thank you Eric! After module installation, I guess I should now modify server.json (to map the actual server details) and moduleConfig.cfc to update: allowOrigins = "*" so as to restrict to a single url origin via both http and https protocols. Thanks again, very useful and straightforward module.