0

I have a PHP API that sends JSON.

Whenever I try to fetch that JSON I get:

ERR_HTTP2_PROTOCOL_ERROR Headers Headers 2

My .htaccess file looks like this:

I'm usign 000Webhost

I'm completely stumped on how to allow the fetch to actually fetch, any suggestions?

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
Metwesh
  • 87
  • 1
  • 7
  • Are you using JavaScript to access data on another domain? If so, look into [CORS](https://stackoverflow.com/a/25311247/231316) – Chris Haas Feb 12 '22 at 13:24
  • I am & did as described already & still no does. – Metwesh Feb 12 '22 at 13:36
  • Check your browser developer console for errors. Remember that CORS has to be enabled _by the server you are accessing_. There’s nothing in JS that can make this work. The alternative is to write your own server-side proxy for your JS to access. – Chris Haas Feb 12 '22 at 15:06
  • 2
    Please [edit] to paste the text used in the image into your question so that it can be read on all devices, quoted, edited, and found through search. As it stands now, [your image makes it hard to answer your question or for people with related issues to find your question](//meta.stackoverflow.com/questions/285551/why-not-upload-images-of-code-errors-when-asking-a-question). See the [formatting documentation](/editing-help) for tips to make your text appear nicely without resorting to images. – Stephen Ostermiller Feb 12 '22 at 17:44

1 Answers1

1

Problems

Your 2nd and 3rd screenshots indicate that you're adding an Access-Control-Allow-Origin header to the request. However, that header is a response header, not a request header; adding it to a request is pointless and counterproductive. Moreover, because it isn't listed in the value of your Access-Control-Allow-Headers header. Therefore, CORS preflight fails.

Besides, your 4th screenshot indicates that you're explicitly allowing the Origin header, but there's never a need for that, because that header is special and automatically added by the browser.

Solution

Stop sending an Access-Control-Allow-Origin header with your requests. You can also drop Origin from the Access-Control-Allow-Headers header in your CORS configuration.

jub0bs
  • 60,866
  • 25
  • 183
  • 186