when trying to reach it from a subdomain, I get 403:
const r = await fetch("https://cors.mydomain.com/https://some-iframe-url.io/", {
"headers": {
"origin": "https://www.test.mydomain.com/",
}
});
// fails with 403
// The origin "https://www.gamma.vectary.com" was not whitelisted by the operator of this proxy.
But when doing the same from a 2nd level domain, it's all good
const r = await fetch("https://cors.mydomain.com/https://some-iframe-url.io/", {
"headers": {
"origin": "https://www.mydomain.com/",
}
});
// 200 OK
I'm running cors-anywhere via pm2:
when trying to reach it from a subdomain, I get 403:
But when doing the same from a 2nd level domain, it's all good
Am I missing anything?