Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Access to XMLHttpRequest at 'http://...' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
See original GitHub issueI’m getting the following error when using axios in redux-saga in react to post a multipart/form-data:
Access to XMLHttpRequest at 'http://...' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
My Flask-CORS config is dead simple:
app = flask.Flask(__name__)
flask_cors.CORS(app)
I see nothing in the docs referencing any non-default options to pass preflight checks for origin ‘*’. I’m not using cookies. What am I missing?
Issue Analytics
- State:
- Created 4 years ago
- Reactions:5
- Comments:9
Top Results From Across the Web
No 'Access-Control-Allow-Origin' header is present on the ...
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Read more >No 'Access-Control-Allow-Origin' header is present on the ...
Access to XMLHttpRequest at X from origin Y has been blocked by CORS policy: Response to preflight request doesn't pass access control check:...
Read more >Troubleshoot CORS errors from API Gateway - AWS
I get the error "No 'Access-Control-Allow-Origin' header is present on the requested resource" when I try to invoke my Amazon API Gateway ...
Read more >response to preflight request doesn't pass access control ...
Blocked by CORS policy: response to preflight request doesn't pass access control check / redirect is not allowed · Oct 29, 2021•Knowledge ...
Read more >The Access-Control-Allow-Origin Header Explained
Often times when calling an API, you may see an error in your console that looks like this: Access to fetch at 'http://somesite.com'...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I have hit the same issue recently, and at last I found it was caused by the unmatch of request url. For example, at flask, I claim a url as this
but the url frontend requesting is ‘/user’,this will cause the flask returned a 308 redirect response which is not allowed by Cors preflight request.
So the conclusion is making the backend url and frontend url stricly match will solve the problem. I hope this helps.
You can also try
@app.route('/user/', methods=['GET'], strict_slashes=False)to make this work without getting the 308 response.