CORS error when attempting to fetch the Google Pay config via `paypal.Googlepay().config()`

[jkeys089]

When running the example we’re getting the following CORS error in the browser:

Access to fetch at 'https://www.sandbox.paypal.com/graphql?GetGooglePayConfig' from origin 'http://localhost:8888' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

The issue occurs during the paypal.Googlepay().config() call and prevents the button from loading.

I verified via curl that there is no Access-Control-Allow-Origin header on this endpoint:

$> curl -v -X OPTIONS https://www.sandbox.paypal.com/graphql?GetGooglePayConfig 2>&1 | grep -i access < access-control-expose-headers: Server-Timing

Is there maybe something I'm missing or is it possible the endpoint is not working properly?

[eyyazubi]

i got the same error @jkeys089 did you solved this?

[jkeys089]

@eyyazubi we resolved it by using a non-local domain + TLS cert. In our case ngrok was the easiest method since we're already using it to test other services that require non-local domains over HTTPS (e.g. federated auth). However, depending on your dev env there are several other non-commercial options available.