Solutions to response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource error.

We have recently created an easy API call, then the error response to preflight request doesn’t pass access control check: No “Access-Control-Allow-Origin” header is present on the requested resource. Here is our answer to solve this error.

response to preflight request doesn't pass access control check: No "Access-Control-Allow-Origin" header is present on the requested resource

How To Solve It?

To solve this issue, for Windows, disable the CORS. Click the Start button, then select “Run” or press Windows + R. Carry out the following order: “chrome.exe –user-data-dir= “C://Chrome dev session” –disable-web-security”.

How Does It Happen?

While we are doing a basic API request, the following error appears.

“XMLHttpRequest cannot load http://server.apiurl.com:8000/u/login?login=facebook. Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. The origin ‘http://localhost’ is therefore not allowed access. Error 405″.

How To Fix response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource error

Solution 1

With Windows:
  • Launch the Menu
  • Click “Run” or press Windows+R
  • Run the following code: “chrome.exe –user-data-dir=”C://Chrome dev session” –disable-web-security”
With Mac:
  • Head to the Terminal
  • Carry out the following instruction: “open /Applications/Google\ Chrome.app –args –user-data-dir=”/var/tmp/Chrome dev session” –disable-web-security”

Solution 2

Because the “API Server” is considered a PHP program, the method listed below worked quite well. Insert the lines into index.php.

“header(‘Access-Control-Allow-Origin: *’);

header(‘Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS’);

header(‘Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token’)”.

Solution 3

There is no reason to close any Chrome in the version when its first successful solution has been used and the today version for Windows running Chrome.

  • Make a shortcut for it on the desktop.
  • Select the icon and select Properties from the menu that appears.
  • Modify the Target field.
  • Change the document address to “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe –disable-web-security –user-data-dir=”C:/ChromeDevSession”.
  • Launch Chrome and dismiss the warning that says “–disable-web-security not available!”

Please be aware that using this specific browser instance can expose you to hackers, so you should be careful!

Conclusion

Wrapping up our instruction for solving the response to preflight request doesn’t pass access control check: No “Access-Control-Allow-Origin” header is present on the requested resource error. Hope you are satisfied with our answer.

Go ahead and type your questions in the comment section if you have any. While you are reading our article, if there are any better solutions, please send us your ideas and thoughts to provide better ways to resolve these problems. Thank you!


Related posts
Scroll to Top