imgrooot Posted November 7, 2020 Share Posted November 7, 2020 Basically I am submitting and retrieving data from a 3rd party's API. But every time I submit a form, it gives me this error. Access to XMLHttpRequest at 'https://3rdpartywebsite.com/api' from origin 'https://mywebsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. So I have been researching and there seems to be so many different answers. I have tried adding this code to the page but still get an error. <?php // ADD THIS CODE ON THE VERY TOP OF THE PAGE I AM SUBMITTING THE FORM. header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Credentials: true"); header("Access-Control-Max-Age: 1000"); header("Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding"); header("Access-Control-Allow-Methods: PUT, POST, GET, OPTIONS, DELETE"); ?> I have also tried to add this to .htaccess file and still get the same error. Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type" Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS" I was wondering what am I doing wrong? What's the correct way of implementing CORS to my site? Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.