When I access the typeform API via browser using $.get or superagent or request or axios, I get the error No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access.
However, when I user cURL or HTTPIE or Postman to make the same request, it is successful everytime. How to solve this behaviour and how to implement the client version?
When I access the typeform API via browser using $.get or superagent or request or axios, I get the error No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access.
However, when I user cURL or HTTPIE or Postman to make the same request, it is successful everytime. How to solve this behaviour and how to implement the client version?
Share Improve this question edited Apr 29, 2016 at 23:52 bhspencer 13.6k5 gold badges37 silver badges44 bronze badges asked Apr 29, 2016 at 20:46 aayushkapoor206aayushkapoor206 611 silver badge2 bronze badges 2- 2 Browsers aren't allowed to make cross-domain AJAX requests unless the server specifically allows it. Servers are not restricted. – Barmar Commented Apr 29, 2016 at 20:53
- you can disable cors security in browsers for dev purposes. Just google it. – Ronnie Smith Commented Dec 5, 2016 at 19:04
2 Answers
Reset to default 6CORS is enforced client side by your browser. If you are not making the request with a browser CORS is not enforced.
CORS error can be manipulated through htaccess easily.
Add this to your .htaccess file: (add more file extensions as you need)
<FilesMatch ".(eot|ttf|otf|woff)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>