Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Adding a server to nestjs swagger gives a permission error

When I add new server to a nestjs DocumentBuilder .addServer('http://localhost:7071') it thows a permission error when I try to execute routes at generated swagger page.

enter image description here

At the browser console it thows this error:

Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the document's Content Security Policy.

I already enable cors at the nestjs app with no luck!

app.enableCors();

Maybe I'm missing some security policy at the DocumentBuilder? Something like .addSecurity()? If it is the case How can I add this security policy?

like image 523
Leonardo Cartaxo Avatar asked Oct 20 '25 17:10

Leonardo Cartaxo


1 Answers

This error is caused by wrong CORS config. To fix it:

  • Update swagger by adding :
.addServer('http://localhost:3000')
  • Add origin in CORS config (the address you're using) :
app.enableCors({origin: 'http://localhost:3000'});
like image 87
harian Avatar answered Oct 23 '25 06:10

harian



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!