So I have an API deployed on a cloud service. For testing purposes I use various HTTP clients like Postman, Paw and RestClient to send request to my API and they all work just fine. But when I send an AJAX request from Browser either with jQuery, reqwset or any other, I get the following error:
XMLHttpRequest cannot load {/path/to/my/api/on/google-app-engine}. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access
So Why does an HTTP client work but browser throws an error? Is there any risk if enable CORS on the server?
Aucun commentaire:
Enregistrer un commentaire