How to overcome error: (missing CORS header "Access-Control-Allow-Origin")?

C

CrazyKing2019-10-16 15:24:45

Apache HTTP Server

CrazyKing, 2019-10-16 15:24:45

Good afternoon!
I'm trying to get a picture from my site using the API, it turns out something like this:

https://www.pho.com/?p={%22files%22:[%22https://site.net/wp-content/uploads/2019/Play_or_Die.jpg%22],%22environment%22:{}}

In the console I get an error:

Request from foreign origin blocked: Single origin policy prevents reading remote resource at https://site.net/wp-content/uploads/2019/10/Play_o... (Reason: Missing CORS header "Access-Control-Allow-Origin ").

I tried adding to .htaccess:

Header always set Access-Control-Allow-Origin: " https://www.pho.com "
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control- Allow-Headers "X-Requested-With, content-type"

I tried with "*", the header is still missing. Already tried many different options.
At the same time, if I check the response from " https://site.net/wp-content/ ", then I see permission in the response, and if further, then it's gone.
Prompt who faced where to dig?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

SagePtr, 2019-10-16
@CrazyKing

Because permission should be issued by the resource from which you are requesting data, and not the one on which you are requesting.