Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vadim2022-02-18 15:40:53
CORS
Vadim, 2022-02-18 15:40:53

Are these Headers required - Access-Control-Allow-Headers?

Hey everyone,

figuring out CORS - preflight requests: OPTIONS returned, let's say the following

Access-Control-Allow-Headers: "'Content-Type,Authorisation,My-Api-Key,RestricteduserID'"


if subsequent requests to the server, for example GET to some resource, do not contain all these Headers, will a cors error occur? Or are these Headers just recommended?

all the best,
Vadim

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
R
Rag'n' Code Man, 2022-02-18
@iDmitriyWinX

The server returns you the allowed request headers, you can not specify them at all or specify them all at once, but if you add a header to the request that the server does not allow, for example, some not-allowed-header, then the server will not accept your request.

Similar questions
F
fr0zen2017-06-09 08:35:22
How to solve angularjs CORS issue? 1Reply
G
gera72021-05-11 10:36:07
Why is it dangerous to specify Access-Control-Allow-Origin: * (allow access to a resource from any origin) on the server? 3Reply
V
viktorulyushev2019-11-18 09:54:01
Explain how cross-domain security policy works using the example of an Angular module? 1Reply
M
Miteophanio2017-09-11 11:37:39
No 'Access-Control-Allow-Origin' when accessing classmates api from third party app? 0Reply
R
Ramzesh Halifionakis2020-03-09 13:18:33
How to safely transfer information from one site to cookies of another? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question