CORS - Response to preflight request doesn't pass access control check

Question

I am trying to send a GET request to a server (the server and the local host have the same domain), however I keep getting the following error:

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This is the code I use to send the request

$.ajaxSetup({
            headers: {
                'Access-Control-Allow-Origin': "*",
                'Access-Control-Allow-Methods': "GET, POST, PATCH, PUT, DELETE, OPTIONS",
                'Access-Control-Allow-Headers': "Origin, Content-Type, X-Auth-Token"
            }
        });
            $.get(myurl, function(data) {

                console.log(data);
            });

I not sure how to fix this error, since I'm new to web development.

Answer 1

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

The Access-Control control headers have to be sent by the responding server. Depending on the response and requesting page, browser may allow the request to proceed, out just show the error you got.

If adding the headers was enough, any CORS policy would be moot: any page could access any resource.

the server and the local host have the same domain

I'm not sure what you mean here, but apparently your page is loaded from a different domain than myurl points to.

Answer 2

You have to set Access-Control in your server app, If your back-end is on java then you can use filter to set Access-Control headers

Answer 3

The Access-Control headers should be sent by the server, not by the client.