Reputation: 13827
about CORS between mobile application and web application
I encountered CORS error that when I fetch api from my web application. Oddly, that problem not occurred when I fetch that same API with POSTMAN and Mobile App (iOs & Android). That's why I'm about to talk my backend/server engineer to open CORS my web app IP address. But I'm concerned that I have no answer to explain him when he ask me why POSTMAN & Mobile App can be able to call that API even not web app.
Failed to load http://xxx.xxx.xxx.xx:8082/external/access_token: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8080' is therefore not allowed access. The response had HTTP status code 500. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Please let me know how should I explain him.
Upvotes: 0
Views: 6621
Answers (1)
Reputation: 6652
CORS is a security measure designed to prevent web pages from making requests to domains OTHER THAN THE DOMAIN THE PAGE WAS RECEIVED FROM (unless the server says it's ok).
Postman does not load a web page from one source and make API requests to another source. CORS does not make sense here. The same goes for mobile apps. No webpage loaded from one source and trying to make requests to another source.
https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
Upvotes: 4
Related Questions
- CORS issue between web/android/ios
- Handling CORS Issues in Ionic
- Setting up CORS policy for hybrid mobile web apps
- CORS issue while shaping working web app into a native Ionic app for Android
- Angular No 'Access-Control-Allow-Origin'
- Ionic 4 CORS issue on mobile device
- Mobile devices with credentials flag to true
- How to make CORS HTTP Request TO Angular App
- Do phonegap support Cors?
- Disabling CORS(cross-origin resource sharing) on the Mobile device - Ionic App