0

I want to retrieve the user information (like email, DoB, ... etc.) and in the component I did this:

 const instance = axios.create({
            timeout: 1000,
            headers: {
            "content-type": "application/json",
            "APPLICATION_ID": "XXXXX",
            "CLIENT_KEY": "XXXXX",
            "token": "Token"
            }
        });
        instance.get("url/" + app.id)
        .then(function(response) {
            console.log("I am here!");
            app.phone = response.data.result._User.phone;
            app.email = response.data.result._User.email;
            app.dob = response.data.result._User.dob;
            app.website = response.data.result._User.website;
            app.country = response.data.result._User.ountry;
        })
        .catch(function(error) {
            console.log("Error!");
        });

but it is always providing this error message:

Failed to load https:url/XXXXXX: Request header field token is not allowed by Access-Control-Allow-Headers in preflight response.

How can I fix this problem?

In addition, print in console Error!

Zahraa Jawad Jaber
  • 1
  • 4
  • https://stackoverflow.com/questions/32500073/request-header-field-access-control-allow-headers-is-not-allowed-by-itself-in-pr – samayo Aug 06 '18 at 11:30
  • You should allowed `Access-Control-Allow-Origin` in headers – Hearner Aug 06 '18 at 11:32
  • Read more about [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS). – Isaac Ferreira Aug 06 '18 at 11:35
  • @Hearner where should I put it? I am a beginner so I am not professional in these things. help me :) – Zahraa Jawad Jaber Aug 06 '18 at 11:42
  • In `headers`, add a line `"Access-Control-Allow-Origin": "*"` – Hearner Aug 06 '18 at 11:44
  • @Hearner where can I find the headers? Is it a file? – Zahraa Jawad Jaber Aug 06 '18 at 11:46
  • @ZahraaJawadJaber no, you already have it, `axios.create({ timeout: 1000, headers: {` right after your timeout. Just add the line `"Access-Control-Allow-Origin": "*"` – Hearner Aug 06 '18 at 11:47
  • @Hearner It is not work! error msg `Failed to load https://XXXXXX Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response.` – Zahraa Jawad Jaber Aug 06 '18 at 11:52
  • Add `'Access-Control-Allow-Headers', '*'` before – Hearner Aug 06 '18 at 11:53
  • @Hearner even when I add "Access-Control-Allow-Origin": "*" by itself, error msg is provided for me. – Zahraa Jawad Jaber Aug 06 '18 at 11:55
  • @Hearner Also, not work :( .. error msg : `Failed to load https:XXXXX Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response.` – Zahraa Jawad Jaber Aug 06 '18 at 11:57
  • This means that the server is not passing back in the header `access-control-allow-headers: token`. If your server is an Apache with `. htaccess` you can add your header as the following: Header set Access-Control-Allow-Headers "Token". In this answer there is additional information on how to set up headers: https://stackoverflow.com/questions/10640596/header-set-access-control-allow-origin-in-htaccess-doesnt-work – Marlon Barcarol Aug 06 '18 at 15:28

0 Answers0