Tricks To Solve URL scheme must be “http” or “https” for CORS request

As a web developer, you might encounter various errors while developing a website that can come in the way of your development. One such problem is CORS request which refers to Cross-Origin Resource Sharing and developers commonly known as “CORS.” 

When faced with CORS, you will get an error, “URL scheme must be “http” or “https” for CORS request.” Here, we will discuss the causes and how to resolve the error. 

When Did The “Url Scheme Must Be “Http” Or “Https” For Cors Request” Error Appear?

The Cross-Origin Resource Sharing (CORS) protocol is a mechanism that allows limited resources on a web page to be requested from another domain. 

To ensure that CORS requests are appropriately authorized, the scheme of the requested URL must be “http” or “https.” If the system is something other than “http” or “https,” then you will get the below error while making the request.

The error message can be like this: the URL scheme must be “http” or “https” for CORS request.

The Ultimate Guideline To Fix The Error

Solution 1

Solution 1 is to install a live server. This can be done using an extension for Visual Studio Code, if you are using that, or by using whatever server will work with your environment. 

Visual Studio Code allows you to edit a file in a running application using the command: Ctrl + P, E. The server should be restarted when you make changes to the configuration.

Solution 2

Uninstall chrome (or Chromium), and restart the browser with the –disable-web-security argument. We just tested this and confirmed that we can access the contents of an iframe with the src property set to “http://google.com” in a served online page from “localhost.”

Close all instances of Chrome before running the command.
chromium-browser --disable-web-security --user-data-dir="[some directory here]

The browser will pop up a warning asking you to refrain from the same-origin policy when you open it for the first time. From the chromium source: //Do not enforce the “use same origin policy” limitation. (Used by people testing their sites.)

Prior to Chrome 48, users could only use chromium-browser –disable-web-security.

Final Thoughts

In conclusion, there are two ways to solve the URL scheme: “http” or “https” for CORS request errors. One is to use a proxy server, which will act as an intermediary between the client and the server. Another option is to add the CORS headers manually to the server. 

Finally, you can try using a different browser. Each of these ways has its advantages and disadvantages, so you will need to decide which is best for your situation.


Related articles
Scroll to Top