Reputation: 807
XMLHttpRequest blocked by CORS Policy
I add an API with following script in let's say http://www.test.com:
<script src="http://apiendpoint.com/api/v1/api.js"></script>
<div id="api" data-apikey="LA59CJI9HZ-KIJK4I5-3CKJC"></div>
api.js
$(function () {
apikey = $('#api').data('apikey');
$("#api").load("http://apiendpoint.com?apikey=" + apikey);
})
When I load the page, I get following error:
XMLHttpRequest cannot load apiendpoint URL. Redirect from 'apiendpoint URL' to 'apiendpoint URL' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'test URL' is therefore not allowed access.
In the path of apiendpoint.com I added in .htaccess following code:
Header set Access-Control-Allow-Origin "*"
But it does not work.
Upvotes: 63
Views: 334662
Answers (2)
Reputation: 69
I know this might be late, but hope this will help others. This problem comes from backend side, call CORS. I'm using java for backend so I added@CrossOrigin to Controller class. It works!
Upvotes: 6
Reputation: 933
I believe sideshowbarker 's answer here has all the info you need to fix this. If your problem is just No 'Access-Control-Allow-Origin' header is present on the response you're getting, you can set up a CORS proxy to get around this. Way more info on it in the linked answer
Upvotes: 15
Related Questions
- CORS with XMLHttpRequest not working
- Access to XMLHttpRequest from origin 'http://localhost:3000' has been blocked by CORS policy
- XMLHttpRequest Issue has been blocked by CORS policy:
- Access to XMLHttpRequest Blocked by CORS
- Keep getting No 'Access-Control-Allow-Origin' error with XMLHttpRequest
- Why are my CORS requests denied?
- Simple API call (CORS) not working
- CORs does not get enabled when using XMLHttpRequest?
- XMLHttpRequest cannot load URL. Origin not allowed by Access-Control-Allow-Origin
- XmlHttpRequest denied by Access-Control-Allow-Origin even though origin matches perfectly