9

I am making a request to the third option on this page: http://www.groupkt.com/post/5c85b92f/restful-webservice-to-get-and-search-states-and-territories-of-a-country.htm

Im getting back the response I want, but I also get a CORS error which makes no sense to me... They said they have CORS enabled

results.component.ts:28 results;state=:1 Failed to load http://services.groupkt.com/state/search/USA?text=: No 'Access-Control-Allow-Origin' header is present on the requested resource.

let headers = new Headers();
      headers.append('Content-Type', 'text/plain');
      let options = new RequestOptions({ headers: headers });
      return this.http.get('http://services.groupkt.com/state/search/USA?text=cal', options)
        .map(this.extractData)      
        .catch(this.handleError);

The only way I have been able to get around this problem is to download a chrome extension that fixes CORS. But this is a project I need to hand in, so I doubt telling someone to download an extension is going to go over so well...

Yes I have cleared browser cache.

Alberto Martinez
  • 2,620
  • 4
  • 25
  • 28
  • Is part of your project to access that resource (services.groupkt.com) from the client side? I ask, because if your project actually involved proxying that resource through your own server, you still have more work to do. Also, you aren't **fixing** CORS, you're circumventing it. CORS is a security policy to protect users. – zero298 Oct 17 '17 at 19:51
  • `headers.append('Content-Type', 'text/plain');` — This makes no sense. You are making a GET request. There is no content in the request body to describe the content type of. – Quentin Oct 17 '17 at 19:54
  • It all depends on the server. Possible duplicate of https://stackoverflow.com/questions/35553500/xmlhttprequest-cannot-load-https-www-website-com – Jimenemex Oct 17 '17 at 19:56
  • I got that text/plain thing from another answer, guess Its pointless lol –  Oct 17 '17 at 20:07

1 Answers1

8

Im getting back the response I want, but I also get a CORS error which makes no sense to me

CORS errors are generated by the client when the server doesn't explicitly grant permission for JavaScript to read the response across origins.

This is entirely independent of whether or not the request generated a good response (i.e. if it was 200 OK or something else).

They said they have CORS enabled

Either:

  • They are wrong or
  • They have CORS enabled but only under conditions not met by the request you made (e.g. for a different URL)
Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335