Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

API endpoint blocked by CORS policy for localhost

See original GitHub issue

Trying to fetch Openwhyd Data Export API https://openwhyd.org/hot?format=json using React with JS fetch() method (https://reactjs.org/docs/faq-ajax.html), but it doesn’t run on localhost:3000, it gives the following error:

Access to fetch at 'https://openwhyd.org/hot?format=json' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Do you have any headers added to the API endpoints to allow usage on localhost?

  • OS: maciOS Mojave Version 10.14.5
  • Browser: Chrome Version 84.0.4147.89 (Official Build) (64-bit)
<bountysource-plugin>

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource. </bountysource-plugin>

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

2reactions
adrienjolycommented, Jul 28, 2020

Thank you for your help, Victor! 🙌

FYI, I just found out that, even if we enable CORS for this endpoint, Chrome does not support sending AJAX requests from localhost, even if CORS was enabled for *. (see https://stackoverflow.com/questions/10883211/deadly-cors-when-http-localhost-is-the-origin and https://bugs.chromium.org/p/chromium/issues/detail?id=67743#c47)

Workarounds:

  • start Chrome with the --allow-file-access-from-files --disable-web-security flags
  • use another browser

Note: Either way, CORS should be enabled on openwhyd’s backend first.

2reactions
victorWeiFreelancercommented, Jul 28, 2020

according to this https://stackoverflow.com/questions/36878255/allow-access-control-allow-origin-header-using-html5-fetch-api, cors needs to be activated from server side. The fetch config { mode: ‘no-cors’} is not going to help. I’m trying to add cors on server side

Read more comments on GitHub >

github_iconTop Results From Across the Web

Avoiding CORS Errors on Localhost (in 2020) | by Andy Potts
This is a simple guide to explain the two main solutions for disabling cross origin restrictions on localhost which I will explain in...
Read more >
Why does my http://localhost CORS origin not work?
API endpoint that we want to request that has CORS issues: ... Make sure to add a header for Access-Control-Allow-Origin for localhost ....
Read more >
Calling api from localhost blocked by CORS policy
I'm now trying to call the API (For example: http://34.125.63.243/flarun/public/api/discussions) from another web application running on ...
Read more >
Fixing Common Problems with CORS and JavaScript
Tutorial: This post walks through troubleshooting and fixing common problems associated with calling REST APIs from JavaScript.
Read more >
Troubleshoot CORS errors from API Gateway - AWS
Cross-Origin Resource Sharing (CORS) errors occur when a server doesn't return the HTTP headers required by the CORS standard. To resolve a CORS...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Consider Supporting Size() engine function for Complex Types

Next page

Prevent "use desktop/electron app" error message ...when using that app!