What's going on with these corsas?

S

stepan-neretin72020-03-23 23:06:39

CORS

stepan-neretin7, 2020-03-23 23:06:39

https://pastebin.com/raw/yhvU8vmz
There is a code, I'm trying to make a request to my server

Nothing works, but everything is ok via

postman Here are the headers that my laravel returns

Where to look, what to think? Tell me please

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

A

Andrey Suha, 2020-03-23
@andreysuha

here

E

Eugene Pedya, 2020-03-24
@fpinger

HTTP Server API not Apache by any chance?
It often needs to be forced to enable support for HTTP OPTIONS requests.
Otherwise, the ban will still be at the HTTP server level.
In any case, by logging (logging) requests on the HTTP server and in the API application, you can determine what goes where and who gives the answer.
postman, on the other hand, makes requests directly, and therefore they most likely go through neither as cross-domain

S

Sergey Popov, 2020-03-24
@be_a_dancer

Follow the instructions of the fruitcake/laravel-cors package (former barryvdh/laravel-cors) and everything will be fine.

R

Robur, 2020-03-24
@Robur

You need to look at browser devtools, not postman.
what there headings come from the server.
Your error is not with CORS at all, but with CSP (connect-src)

N

Nikita, 2020-03-24
@Extar93

The last lark has a built-in cors, you only need to turn it on. The documentation for migrating to 7.x has a link to instructions.