Troubleshoot: Possible causes of a CORS error
14 January 2024 (Updated 14 January 2024)
If you get a CORS error like the below:
Access to XMLHttpRequest at 'http://localhost:8000/api/login' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.Possible causes could be:
- The host (the application making the request, usually a web browser)’s domain doesn’t match the allowed values in the origin server’s
Access-Control-Allow-Originheader. - The host is sending a header that isn’t included in the origin server’s
Access-Control-Allow-Headersresponse header. - The host is sending credentials (e.g., cookies) but the server doesn’t return a
Access-Control-Allow-Credentials:trueheader.
Tagged:
HTTP