Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

missing token ‘x-auth’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel

See original GitHub issue

i want to get data with post method from axios package and xampp sever, i have an error when work with firefox :

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1/aftab/inventory3/v1/repository/all. (Reason: missing token ‘x-auth’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel).[Learn More] Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1/aftab/inventory3/v1/repository/all. (Reason: CORS request did not succeed)

but when test it in chrome it work correctly and i don’t have any error ,

my axios request code is:

console.log(“iman”); let page = 1; let config = { ‘Content-Type’: ‘application/x-www-form-urlencoded’, ‘x-auth’: localStorage.getItem(“token”), ‘Access-Control-Allow-Origin’: ‘*’ }; let data = {page: page}; if (localStorage.getItem(“token”)) { await axios({ method: “post”, url: “http://127.0.0.1/aftab/inventory3/v1/repository/all”, data: data, headers: config }).then(function (response) { console.log(response); }).catch(function (error) { if (error.response) { // The request was made and the server responded with a status code // that falls out of the range of 2xx console.log(error.response.data); console.log(error.response.status); console.log(error.response.headers); } else if (error.request) { // The request was made but no response was received // error.request is an instance of XMLHttpRequest in the browser and an instance of // http.ClientRequest in node.js console.log(error.request); } else { // Something happened in setting up the request that triggered an Error console.log(‘Error’, error.message); } console.log(error.config); }); } else { localStorage.removeItem(“token”); // this.history.push(‘/log/in’); }

in firefox console network, only option method was sent and after it we dont have any request but in the chrome it work correct and we have a post method request after option method

Issue Analytics

State:
Created 5 years ago
Comments:10

Top GitHub Comments

7reactions

chinesedfancommented, May 16, 2019

@Kshopper93 Don’t set Access-Control-Allow-Methods/Access-Control-Allow-Headers to * simply. In your case, use a certain value, Access-Control-Allow-Headers: Api-Key. Refer MDN.

1reaction

kevinvenclovascommented, May 16, 2019

@chinesedfan Dammm you saved my day 😄 Changed my Access-Control-Allow-Headers on server to->

<add name="Access-Control-Allow-Headers" value="*,Api-Key" />

and it works

Top Results From Across the Web

missing token 'x-auth' in CORS header 'Access-Control-Allow ...

I have similar issue and checked my axios version and it was 0.18.0 POST request was working fine. However, GET request was not...

Reason: missing token 'xyz' in CORS header 'Access-Control ...

The Access-Control-Allow-Headers header is sent by the server to let the client know which headers it supports for CORS requests.

Reason: missing token 'xyz' in CORS header 'Access-Control ...

This error occurs when attempting to preflight a header that is not expressly allowed (that is, it's not included in the list specified...

Getting "missing token 'authorization' in CORS header 'Access ...

Getting "missing token 'authorization' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel" when using spaces.

Missing token 'content-type' in CORS header 'Access-Control ...

Missing token 'content-type' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel. I'm using the (still experimental) AJAX endpoint for ...