14

when I will add data to the database using the function, and on the server I have added Access-Control-Allow-Origin so that it is not blocked by CORS, but still error when I looked in the browser console tools tab console

Access to XMLHttpRequest at 'https://int.goo.id/api/pg/sso.register' from origin 'http://127.0.0.1:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

how to deactivate CORS??

OceanL
  • 469
  • 1
  • 5
  • 21
  • 1
    I think you can't. You have to configure your server to add CORS header Access-Control-Allow-Origin: : – Dariusz Bacinski Sep 03 '19 at 19:34
  • I have added it on the server but only 2 functions to the database are blocked by cors namely the function to insert data – OceanL Sep 04 '19 at 03:10
  • See also https://stackoverflow.com/questions/60191683/xmlhttprequest-error-in-flutter-web-enabling-cors-aws-api-gateway/65858677#65858677 – Suragch Jan 23 '21 at 11:32

5 Answers5

3

For enabling cors on my server and to resolve XMLHttpRequest error in flutter web

I am using this in my .htaccess file for allowing access to certain domains only

 <ifModule mod_headers.c>
    SetEnvIf Origin "http(s)?://(localhost:25120|domain.com|domain2.com)$" AccessControlAllowOrigin=$0
    Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
    Header always set Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
 </ifModule>
Vicky Salunkhe
  • 9,869
  • 6
  • 42
  • 59
3

For anyone who is using node.js server, enable cors support in your server side code.

  1. npm i cors express
  2. In index.js or server.js -
const express = require("express");

const app = express();
var cors = require("cors");
app.use(cors());

This should fix cors issue with flutter web

Captain_Satya
  • 61
  • 6
0

if you have experienced something like that, and the server has added Access-Control-Allow-Origin but is still blocked by CORS, try checking the function (if you use the function to CRUD with postrgresql) because my problem is solved when I fix the function

OceanL
  • 469
  • 1
  • 5
  • 21
0

Disabling CORS policy on Chrome is a temporary solution. It's just frustrating that you have to manually call it before starting Chrome every. single. time. Disable same origin policy in Chrome

Binh Phan
  • 69
  • 7
0

Vicky Salunkhe described in his answer one option with .htaccess very well. I found that and an alternative if you try to read from a server where you are running a php script yourself here. If you want to read some data from a MySQL database and return it as json with the right CORS setting, you could try this:

<?php

header("Access-Control-Allow-Headers: Authorization, Content-Type");
header("Access-Control-Allow-Origin: *");
header('content-type: application/json; charset=utf-8');


$host_name = '...';
$database = '...';
$user_name = '...';
$password = '...';

$link = new mysqli($host_name, $user_name, $password, $database);
if ($link->connect_error) {    
    die('<p>Failed to connect to MySQL: ' . $link->connect_error .
     '</p>');
}
$link->set_charset('utf8mb4');

$sql = "...";
$result = $link->query($sql);
$result = $link->query($sql);
$data = $link->query($sql)->fetch_all(MYSQLI_ASSOC);
echo json_encode($data);
Stephan
  • 399
  • 1
  • 9