0

I've been using Firebase functions emulator to develop the following function and had no issue running it from localhost.

exports.functionName = functions.https.onCall(async (data, context) => {
    const var1 = data.var1
    const var2 = data.var2

    const paymentIntent = await object1.property1.function1({
        ...
    });

    return({
        clientSecret: paymentIntent.client_secret
    })
})

Now that I deployed it on firebase (on the default url of projectName.web.app), when I reach the code which fetches this function, I get the following error:

Access to fetch at 'https://us-central1-projectName.cloudfunctions.net/functionName' from origin 'https://projectName.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Why am I getting this error, especially if it's coming from a call made on deployed website hosted by firebase? What can I do to get through this, and will that open me up to any security risks?

Doug Stevenson
  • 268,359
  • 30
  • 341
  • 380
Sam
  • 888
  • 10
  • 25
  • Please edit the question to show how you are making the request. There should be enough information in the question that anyone can use to reproduce the behavior (including the actual code of the Cloud function). I suggest reading about how to make a [complete minimal reproducible example](https://stackoverflow.com/help/minimal-reproducible-example), which is very important for getting good answers on Stack Overflow. – Doug Stevenson Mar 20 '22 at 22:16

0 Answers0