sajad torkamani

If you get a CORS error like the below:

Access to XMLHttpRequest at 'http://localhost:8000/api/login' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

Possible causes could be:

  • The host (the application making the request, usually a web browser)’s domain doesn’t match the allowed values in the origin server’s Access-Control-Allow-Origin header.
  • The host is sending a header that isn’t included in the origin server’s Access-Control-Allow-Headers response header.
  • The host is sending credentials (e.g., cookies) but the server doesn’t return a Access-Control-Allow-Credentials:true header.
Tagged: HTTP