No 'Access-Control-Allow-Origin' header is present error
AnsweredI'm trying to send an ajax request to "example123.com".
requests: {
something: {
url: 'https://api.example123.com/something',
type: 'GET',
dataType: 'json',
cors: true,
xhrFields: {
withCredentials: true
},
headers: {
"Authorization": "123"
}
},
}
But I have an error:
XMLHttpRequest cannot load https://api.example123.com/something.
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'https://mycompany.zendesk.com' is therefore not allowed access.
As I understand, I can't do anything about it because it's example123.com who has to allow Access Controll Allow Origin policy on their website, not me, right?
-
Official comment
You got it. Your request looks good, but that header needs to be set by the api.example123.com server. If you want to request CORS support this is a great link to share: http://enable-cors.org/server.html
Edited: this is only if you need/want to use CORS. We provide a proxy to let you make requests to different domains when CORS is not enabled on the destination server.
-
In cases where you can't enable CORS on the target server you can remove the cors: true from your request. That will proxy it through the same origin, bypassing this error.
-
Yes, very good point Roman. I was assuming you needed CORS, but we provide a proxy in the apps framework to help you make requests like this without using CORS.
-
Roman Sandler, I need whatever makes it work, which is sending an ajax request to an external, not mine own third-party server. What do you mean exactly? How might I not need CORS?
-
I've built my own proxy server, but the error remains, whereas it shouldn't. Why?
-
I've created a ticket to investigate this issue further. We'll need some help reproducing this error to debug it.
-
fdfdsfds,
I see you've had a ticket created for this question. I'll go ahead and mark this post answered.
Dan
Post is closed for comments.
7 Comments