Why doesn't it allow Access-Control-Allow-Origin?

D

Dmitry Sudarkin2019-03-25 14:05:03

CORS

Dmitry Sudarkin, 2019-03-25 14:05:03

Hey!
I send an AJAX GET request to my external
CORS service configured with the barryvdh/laravel-cors library

'supportsCredentials' => false,
    'allowedOrigins' => ['*'],
    'allowedOriginsPatterns' => [],
    'allowedHeaders' => ['*'],
    'allowedMethods' => ['*'],
    'exposedHeaders' => [],
    'maxAge' => 0,

Everything worked as it should. After transferring to another server, an error appears in the console

Access to XMLHttpRequest at 'https://путь_на_внешний_сервис' from origin 'http://сайт' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'http://сайт, *', but only one is allowed.

What is missing in the settings?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry Sudarkin, 2019-03-25
@GrozInventor

The allowedOrigins value helped to translate from an array to a string
'allowedOrigins' => '*'