Access to XMLHttpRequest has been blocked by CORS policy

Your error:

Access to XMLHttpRequest at 'my_url' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

My error:

Access to XMLHttpRequest at 'localhost:3000/api/todo' from origin 'http://localhost:4200' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https.

(Even though a bit different error but i'll answer anyway)

Now two questions here:

  1. How did i resolve my issue?

Ans. Putting 'http://' before api i used, means 'http://localhost:3000/api/todo'.

  1. What might've caused your error?

Ans. Can't say for sure but i dont see your api url instead it says 'my_url' (comparing both errors). I thik you may've passed string instead of variable.

I'll be happy if this helps anyone. Because this cost me almost 2hr and now it's midnight(almost).


There are two ways this can be handled:

  1. Temporary Front-End solution so you can test if your API integration is working:

Click on window -> type run and hit enter -> in the command window copy:

chrome.exe --user-data-dir="C://Chrome dev session" --disable-web-security

This will open a new "Chrome" window where you can work easily. This is a temporary solution. Every time you will have to work with this chrome window.

  1. Permanent solution:

In the backend code, the developer needs to add an annotation @Crossorigin right above the CRUD api call method.

Let me know if it works.