Toma Tomov
Reputation: 1694
Multiple values in Access control header
I know there a lot similar question here and none of them was helpful. What I am using in my htaccess is:
Header set Access-Control-Allow-Origin "*"
Yet when I try to make a request from other site to my server I get the error:
Access to fetch at 'https://mydomain/api/path' from origin 'https://guestdomain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'https://guestdomain.com, *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Upvotes: 0
Views: 11
Answers (0)
Related Questions
- How does the 'Access-Control-Allow-Origin' header work?
- Trying to use fetch and pass in mode: no-cors
- Why does my JavaScript code receive a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error, while Postman does not?
- Request header field Access-Control-Allow-Headers is not allowed by itself in preflight response
- Access-Control-Allow-Origin Multiple Origin Domains?
- No 'Access-Control-Allow-Origin' header is present on the requested resource—when trying to get data from a REST API
- CORS: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true
- Response to preflight request doesn't pass access control check - No 'Access-Control-Allow-Origin' header
- Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers
- Origin is not allowed by Access-Control-Allow-Origin