Ajax Error - preflight

I have a Cordova/Framework7 app I’m trying to use Ajax, I’ve tried app.request.postJSON() & app.request.post() and even though my requests are working in Postman they are not working in my app and I get the following error:

Access to XMLHttpRequest at ‘url.com/GetAuthToken’ from origin ‘http://localhost:8000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: It does not have HTTP ok status.

I was using a test API initially to style responses before I have the live API info and my app.request.get() worked fine but the Live API and post requests are not working for me. Not sure if this is a CORS issue on my end or the API

Maybe a dumb question but are you testing on an actual device or emulator?

Obviously the actual device will not have access to your localhost, further to that if you are testing on an emulator do you have localhost whitelisted in the manifest?

Next, chrome and safari are getting more and more strict when it comes to not having https, so if you are using say httpd for your app at runtime and try and hit an unsecure endpoint you would get this as well unless you place in the CORS header to allow access from *

Thanks for your reply I’ve tried Emulator and actual, I can send a POST request to my dummy static test API successfully so I think maybe that rules out https???

This is what I have in my config.xml

<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />

<preference name="scheme" value="app" />
<preference name="hostname" value="localhost" />

I’m thinking it may be on the API end due to that fact that I can get a response from my dummy static API.

It is server-side issue, you need to configure CORS headers correctly there