No 'Access-Control-Allow-Origin' header is present errorAnswered
I'm trying to send an ajax request to "example123.com".
But I have an error:
XMLHttpRequest cannot load https://api.example123.com/something.
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'https://mycompany.zendesk.com' is therefore not allowed access.
As I understand, I can't do anything about it because it's example123.com who has to allow Access Controll Allow Origin policy on their website, not me, right?
You got it. Your request looks good, but that header needs to be set by the api.example123.com server. If you want to request CORS support this is a great link to share: http://enable-cors.org/server.html
Edited: this is only if you need/want to use CORS. We provide a proxy to let you make requests to different domains when CORS is not enabled on the destination server.
In cases where you can't enable CORS on the target server you can remove the cors: true from your request. That will proxy it through the same origin, bypassing this error.
Yes, very good point Roman. I was assuming you needed CORS, but we provide a proxy in the apps framework to help you make requests like this without using CORS.
Roman Sandler, I need whatever makes it work, which is sending an ajax request to an external, not mine own third-party server. What do you mean exactly? How might I not need CORS?
I've built my own proxy server, but the error remains, whereas it shouldn't. Why?
I've created a ticket to investigate this issue further. We'll need some help reproducing this error to debug it.
I see you've had a ticket created for this question. I'll go ahead and mark this post answered.
Post is closed for comments.