-2

I try to use github oauth 2.0. As my website doesn't have a backend, I use XMLHttpRequest to send a post request, but I get the following error when sending post request to get access_token:

Access to XMLHttpRequest at 'https://github.com/login/oauth/access_token' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Here's my source code.

index.html

<a href="https://github.com/login/oauth/authorize?client_id=xxx&scope=user,public_repo">login</a>

functions.js

function getQueryVariable(variable) {} //This works well.
function sendPost()
{
    var http = new XMLHttpRequest();
    var url = 'https://github.com/login/oauth/access_token';
    var params = 'client_id=xxx&client_secret=xxx&code='+code;
    http.open('POST', url, true);
    //Send the proper header information along with the request
    http.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
    http.onreadystatechange = function() {
        if(http.readyState == 4 && http.status == 200) {
            alert(http.responseText);
        }
    }
    http.send(params);
}

login.html

<script src=functions.js></script>
<script>
var code=getQueryVariable("code");
console.log(code);
</script>
<script>
sendPost();
</script>
jeremy0519
  • 1
  • 2

1 Answers1

-2

Please do a quick read-up on CORS.

Most likely .. you have enable CORS.

https://www.w3.org/wiki/CORS_Enabled

Sarma
  • 332
  • 2
  • 6