1👍
✅
You’ve got two origins involved here, https://eccentrictoad.com and https://www.eccentrictoad.com. To allow requests from both you can use an array for the origin configuration option:
'origin': ['https://eccentrictoad.com', 'https://www.eccentrictoad.com'],
From a CORS perspective these count as totally separate origins, even if they’re actually the same server.
Source:stackexchange.com