Could not retrieve global preferences - Reason: CORS header ‘Access-Control-Allow-Origin’ missing

[c0pper]

Both when the login page loads and after login attempt "Could not retrieve global preferences" error pops up. I've read the other issues regarding this notification but haven't found one with the same error as in my logs. Here's my stack:

version: "3"

services:
  server:
    image: yooooomi/your_spotify_server
    restart: always
    ports:
      - "4288:8080"
    links:
      - mongo
    depends_on:
      - mongo
    environment:
      - API_ENDPOINT=http://192.168.1.151:4288 # This MUST be included as a valid URL in the spotify dashboard (see below)
      - CLIENT_ENDPOINT=http://192.168.1.151:3000
      - SPOTIFY_PUBLIC=client id
      - SPOTIFY_SECRET=client secret
      - CORS=http://192.168.1.151:3000,http://192.168.1.151:3002 # all if you want to allow every origin
  mongo:
    container_name: mongo
    image: mongo:4.4.8
    volumes:
      - /home/pi/docker/configs/your_spotify/db:/data/db

  web:
    image: yooooomi/your_spotify_client
    restart: always
    ports:
      - "3000:3000"
    environment:
      - API_ENDPOINT=http://192.168.1.151:4288

I tries with firefox both in incognito and normally, and with Chrome. Screenshots:

Firefox:

Fresh install of Chrome:

Thanks for the software and for your time.

[Yooooomi]

Hello, that's embarrassing! Does you have any reverse proxy that could strip out those headers? Also, does it work when you set the CORS variable to all. I understand all is not what you want, but if all still does not work, it would mean that something is stripping those headers out.

[c0pper]

With all it works. I'll be honest, I don't even know what CORS is so I'll take it. Thanks, very cool piece of software btw.

[Yooooomi]

Cors will prevent other site from executing request to your server on your behalf. You can ignore it quite safely with a self hosted service like this one. I'll close this as solved.