0

I am running a cross origin request from an index.html script tag. I receive a CORS error because

Reason: CORS header 'Access-Control-Allow-Origin' missing

I've read about CORS quite a bit. I am aware that a server needs to set the Access Control Header to * for my request to really succeed.

Yet if I run GET <URL> from the Linux Cli I get the expected JSON response.

But how are these two requests different? Is there any way to get it working from the browser?

API: https://www.fishwatch.gov/api/ (no code or anything)

I am trying to understand what is the reason for this?

Minsky
  • 2,277
  • 10
  • 19
  • 1
    The Linux CLI is not subject to the [Same-Origin Policy](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy) (or [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)) like browsers are. You're out of luck: the API in question doesn't seem to be configured for CORS. You'll need to consume it from your backend as opposed to your frontend. – jub0bs Dec 26 '22 at 13:51
  • 1
    @jub0bs that is helpful. So I guess the browser is reading the response headers and blocking us access? Indeed I can just call from the server and just resend it to the UI as json. – Minsky Dec 26 '22 at 14:11
  • Yes, that's exactly it. – jub0bs Dec 26 '22 at 15:40

0 Answers0