Cross-Origin Request Blocked happened but all requests are to source domain

Question

i have a problem in my site.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the 
remote resource at http://example.com/index.php.
(Reason: CORS header 'Access-Control-Allow-Origin' missing).

when i search about this error, the reason was sending request to an external domain. but it's not my problem reason, because all of my request is right to the source domain.

my domain is http://example.com and all requests are to the http://example.com/index.php.

*UPDATE:

This was just because of i was in use some un-handled headers in my request, so when the preflight Option response received, there was no access allow to that header from server, so this error happened.

Answer 1

Access-Control-Allow-Origin: *

this might help put it in the header and if u want more than you can check.. here https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

Answer 2

Try adding below code in API controller constructor, it works for me.

ERROR : Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [the url]

This can be fixed by moving the resource to the same domain or enabling CORS.

header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: PUT, GET, POST");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept");