Copy link to clipboard
Copied
Hi Experts,
I am trying to send billing information to - pilot-payflowlink.paypal.com
and I am using AJAX call to do that,
A cross-origin resource sharing (CORS) request was blocked because of invalid or missing response headers of the request or the associated preflight request .
To fix this issue, ensure the response to the CORS request and/or the associated preflight request are not missing headers and use valid header values.
Note that if an opaque response is sufficient, the request's mode can be set to no-cors to fetch the resource with CORS disabled; that way CORS headers are not required but the response content is inaccessible (opaque).
Request | Status | Preflight Request (if problematic) | Header | Problem | Invalid Value (if available) |
blocked | Access-Control-Allow-Origin | Missing Header |
I am sure many of you may have seen this message, and so please post the solution if you have one.
Copy link to clipboard
Copied
What's the expected value of #HostAddress# and what's its actual value? It looks like the actual value is an empty string.
Dave Watts, Eiddolon LLC
Copy link to clipboard
Copied
Actually, I think I just forgot how CORS works. This indicates that you wouldn't need to specify the Access-Control-Allow-Origin header in your AJAX request headers at all, it would simply have to match a corresponding header returned by CF when you requested the page. That kind of makes sense to me, as if I could just inject a block of JavaScript into your page that says "let me use this remote resource" there wouldn't be much point to CORS, I guess. Anyway, here's the page:
https://www.webucator.com/article/how-to-make-a-cross-origin-ajax-request/
I may still be forgetting how CORS works, or misunderstanding the specific example here. Sorry about that. But good luck!
Dave Watts, Eidolon LLC