Fetch request blocked by CORS policy

Question

I tried to fetch up some Clash Royal data, which works perfectly on Postman, but when I try to use it in my localhost server, this message appears:

Error Message

This is my Code:

enter image description here

I have tried several headers, all of which do nothing. All solutions on the internet say that I need to change the API settings, which is impossible since I am (obviously) not the owner of the API. Am I doing something wrong?

I expected to get the correct JSON data and tried several headers, even the one Postman uses.

Unlike browsers, Postman doesn't enforce the Same-Origin Policy. If Clash Royale's API isn't configured for CORS or doesn't allow your origin, you won't be able to consume it from your frontend. You'll have to use backend code to consume it. — jub0bs, Apr 02 '22 at 20:33
@jub0bs what exactly do you mean by backend code, would appreciate a little more detail. But thanks for the answer! — Clytax, Apr 02 '22 at 20:36
Read this: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS — jub0bs, Apr 02 '22 at 20:41
You might want to set up your own server (nodejs or anything) and call api from there and pass down the data to frontend side. — Kaung Khant Zaw, Apr 02 '22 at 21:05

score -1 · Answer 1 · answered Apr 02 '22 at 19:53

-1

You can use https://allorigins.win/, just change your URL to https://api.allorigins.win/raw?url=https://api.clashroyale.com/v1/players/%23C8UVYUL90

answered Apr 02 '22 at 19:53

DanRotaru

9
1

Now it says that Authorization header is not allowed " has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response." – Clytax Apr 02 '22 at 20:38

score -1 · Answer 2 · answered Apr 02 '22 at 20:55

-1

When the server sends a request, there is no cors check. Cors error occurred when origin is different in the web browser. In this situation, your request is from origin: 192.168.2.36:5000 to: https://api.clashroyale.com. Origin is different. Thus, if clashroyale server is not yours, you cannot put reponse header: Allow-Access-Control-Origin-Header: * for allowing access from 192.168.2.36:5000. So you should process this request in your own server not in your website!

answered Apr 02 '22 at 20:55

Taehyun Hwang

232
1
2
10

1

ohhh alright, thanks! I guess my recent MERN stack tutorial will pay off now haha – Clytax Apr 02 '22 at 21:09
Good!! Happy day – Taehyun Hwang Apr 03 '22 at 02:13
Someone disliked your question and all answers.. – Taehyun Hwang Apr 03 '22 at 02:14
Yea no idea why I guess some people just dislike everything – Clytax Apr 03 '22 at 04:45

Fetch request blocked by CORS policy

2 Answers2