CORS error on video upload

hi every one.
i developed a backend using Nestjs and then connected my server with domain.
before connecting domain dns to cloudflare everything worked fine but after setting dns, i get cors error when i want to send a POST request to server:

i have enabled cors for * in backend and set the nginx client max body to 200m but still get this error.

Looks like you have disabled (grey-clouded) the “api” subdomain in your Cloudflare DNS configuration. As you said, it works perfectly fine when bypassing Cloudflare. I can see that header being returned as expected. What if you re-enable Cloudflare proxying (orange-cloud)? Would be interesting to test that scenario as well.

Hi thanks for your response
unfortunately it is same as before:

i have forgot to mention this happens only to video, it happened to images before but i set firewall rule to bypass if route was /companies and images are fine now but POST video would give CORS error

That’s interesting. I’m still seeing the header when doing a request like this:

$ curl -v
Trying… (that’s Cloudflare)

< HTTP/2 200

< x-powered-by: Express
< access-control-allow-origin: *

Is the header added in all situations?

Oh, I see. I’ve seen some people having trouble with serving video (potential TOS violation), but don’t know if there’s anything special about uploading video. Maybe someone else can offer some input here.

Yes it is added from express handlers

Yes but im not serving but instead uploading via formData.
Thanks for your response