Blocked by CORS policy

[cardof]

Hi, we are in the las step of checkout and get this error:

Access to XMLHttpRequest at 'https://app.snipcart.com/api/cart/ae3216d0-ddcf-4513-a6d3-2f2bf9fbf5c4/pay' from origin 'https://www.xxxxx.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

on the other hand and at the same time we have this logs at snipcart developer logs:

FEB 09 20:53:56 | An attempt to create an order with invalid products has been made. Don't forget you can't add/update items attributes in the cart dynamically with javascript as it will cause crawling issues. You can read more about this here: http://docs.snipcart.com/getting-started/security -- | -- FEB 09 20:53:56 | Using JSON crawler http://docs.snipcart.com/configuration/json-crawler) to validate item '63d1152951fcc5' located at '/api/products/63d1152951fcc5'. FEB 09 20:53:56 | Validating item with id '63d1152951fcc5' located at '/api/products/63d1152951fcc5' on domain www.xxxxx.com'.

Any help will be welcomed.

tia.

[notrab]

It looks like you're missing your domain in the .env or in your Snipcart settings as it's only sending the relative URL to the backend and not the full absolute URL it expects.