how to fix 'Access to XMLHttpRequest has been blocked by CORS policy' Redirect is not allowed for a preflight request only one route
Disabling CORS policy security:
- Go to google extension and search for Allow-Control-Allow-Origin.
- Now add it to chrome and enable.
Add https://localhost to it’s setting like the screen shot:
Now close all your chrome browser and open cmd. Then run the followin command:
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –-allow-file-access-from-files --disable-web-security --user-data-dir --disable-features=CrossSiteDocumentBlockingIfIsolating
If the command runs properly you will see the following notification like the below screenshot:
If you can’t see the notification then the command didn’t work. So you should check the directory link that have been specified in the command to ensure that the chrome.exe file exist in that directory link. If you find the
chrome.exe
file then after closing the chrome browser you should check the task manager if any other chrome service is running in background. After closing all the services the command should work as expected.
Internet Explorer:
- To disable cors policy in internet explorer please go to
internet option > security > Internet
and uncheck enable protected mode. Then click on custom level and enable Access data sources across domains under Miscellaneous like the below image. Follow the same process for
internet option > security > Local intranet
.
Hope it will solve your problem.
The issue is from the back-end side in our case is Laravel, in your config/cors.php try to use the below config:
'supportsCredentials' => true,
'allowedOrigins' => ['*'],
'allowedOriginsPatterns' => [],
'allowedHeaders' => ['*'],
'allowedMethods' => ['*'],
'exposedHeaders' => [],
'maxAge' => 0,
Or you can try to use this code in the top of public/index.php
Edit
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE');
header('Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, X-
Request-With');