Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response.
Add it to the Access-Control-Allow-Headers
header in the response.
let headers = new Headers();
headers.append(âContent-Typeâ, âapplication/json; charset=utf-8â);
headers.append(âAcceptâ, â/â);
headers.append(âAccess-Control-Allow-Credentialsâ, âtrueâ);
headers.append(âUpgrade-Insecure-Requestsâ,â1â);
headers.append(âwithCredentialsâ,âtrueâ);
headers.append(âAccess-Control-Allow-Originâ,âhttp://localhost:8100â);
headers.append(âAccess-Control-Allow-Credentialsâ, âtrueâ);
headers.append(âAccess-Control-Allow-Methodsâ, âGET, POST, PUT, DELETE, OPTIONSâ);
headers.append(âAccess-Control-Allow-Headersâ, âContent-Type,Authorization,Upgrade-Insecure-Requestsâ);
That looks about right.
I set code like this but even I am getting Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response error
Does the preflight request actually return that header?
Add the cors extension in google chrome and enable it. It helped me to solve that issue.