No 'Access-Control-Allow-Origin' header is present on the requested resource
Question

why does my javascript get a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error when Postman does not?



Untitled.png

mvp_badge
MVP

Hi,

Please check this almost 5-year old post I found while searching for that message online.

The main takeaway, from that post and Google Chrome's developer documentation is:

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. 

Hope this helps understanding your issue.

Jorge Martins wrote:

Hi,

Please check this almost 5-year old post I found while searching for that message online.

The main takeaway, from that post and Google Chrome's developer documentation is:

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. 

Hope this helps understanding your issue.

Hello Jorge,

Thank you for your answer.

I have asked to this API's developer and they told me to access API from server side not from client side.
Do you know how to call this kind of API from server side in Outsystem environtment?
Thank you very much.


mvp_badge
MVP

Hi Meri,

Take a look at this link about how to consume REST APIs with Outsystems. Hope it helps.

https://success.outsystems.com/Documentation/10/Extensibility_and_Integration/REST/Consume_REST_APIs


You have to understand that the CORS behavior is not an error — it’s a mechanism that’s working as expected in order to protect your users, you, or the site you’re calling. If I understood it right you are doing an XMLHttpRequest to a different domain than your page is on. So the browser is blocking it as it usually allows a request in the same origin for security reasons. You need to do something different when you want to do a cross-domain request.  In this case you need to enable your service for CORS which is cross origin resource sharing.

If you want to bypass that restriction when fetching the contents with fetch API or XMLHttpRequest in javascript, you can use a proxy server so that it sets the header Access-Control-Allow-Origin to *.



Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.