Made a GET request using JS https://pastebin.com/kcCdiRxe , added CORS to the headers, but still output errors in the console. What could be the problem: 
Dastan Zholdas Dastan Zholdas
four 1 bronze sign
|
2 answers
In short, the principle of working with the server is that you send a request with headers,
the server responds with headers, you can see them in the developer console. 
Previously, the question came up with the answer:
How to do CORS requests?
Frog frog frog frog
352 2 silver marks 16 bronze marks
|
The problem is that you allow CORS on one resource, but it does not process the request itself, but redirects to another resource.
In this case, all intermediate resources, as well as the final ones, should have headers allowing CORS from your domain.
After all, how are redirects implemented?
The server returns the response to the first request with the 3xx code and the client must make a completely new, almost independent request for the resource specified in the Location header of the response.
The browser does this quite transparently, but each such request is independently subject to security policy checks, incl. CORS.
Solution options:
- Allow CORS on all participants of communication
- Proxy - do not redirect, instead of getting the necessary information directly from the first server, which you should give to the client.
- Third-party proxy - there are special services to circumvent this problem, in fact option 2 implemented by other participants. For example: cors.io
vp_arth vp_arth
19.3k 2 gold marks 30 silver marks 58 bronze marks
- Yes, it’s not completely clear on the screen, but apparently a redirect, the easiest thing to do in php is
echo file_get_contens(урл_куда_редиректит)and remove the header - Artem Gorlachev - Maybe it's easier, maybe not ... Who knows for sure? - vp_arth
|
DevTools, what headers come from the server? - Stepan KasyanenkoNetworkstab, click on the erroneous CORS request and look at theHeaderstab. There must be a header set by you. - Stepan Kasyanenko