Ignoring Control-Allow-Origin


#1

hello all,
I have an API i need to request from my APP. When i do the requests via nodejs it works fine as they do not rely on the “Control-Allow-Origin” header.
however when i do via framework7 it does recognise thise header from the API and thus it wont load the API request and i get a forbidden error.
Is there i way i can access an API with the framework7 that uses the “Control-Allow-Origin” header, so i have to ignore it somehow.


#2

Did you add

crossDomain: true,
xhrFields: { withCredentials: true }, // this option will make broswer send authentication cookie, if you need

to you ajax request?


#3

i have indeed tried that param.

but i still get the error:

No 'Access-Control-Allow-Origin' header is present on the requested resource.


#4

or using a jsonp request i get the error…

Cross-Origin Read Blocking (CORB) blocked cross-origin response


#5

Hi i use express with node, try like this

const app = express()
...
app.use((req, res, next) => {
  res.header("Access-Control-Allow-Origin", "*")
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
  next()
})

in some apis that i dont have access to, i use a chrome plugin Allow-Control-Allow-Origin:


#6

Or…

<?php
    header('Access-Control-Allow-Origin: *');  // no cabeçalho 
?>