Access-Control-Allow-Headers in preflight response

Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response.

Add it to the Access-Control-Allow-Headers header in the response.

1 Like

let headers = new Headers();
headers.append(‘Content-Type’, ‘application/json; charset=utf-8’);
headers.append(‘Accept’, ‘/’);
headers.append(“Access-Control-Allow-Credentials”, “true”);
headers.append(‘Upgrade-Insecure-Requests’,‘1’);
headers.append(‘withCredentials’,‘true’);
headers.append(“Access-Control-Allow-Origin”,“http://localhost:8100”);
headers.append(“Access-Control-Allow-Credentials”, “true”);
headers.append(“Access-Control-Allow-Methods”, “GET, POST, PUT, DELETE, OPTIONS”);
headers.append(“Access-Control-Allow-Headers”, “Content-Type,Authorization,Upgrade-Insecure-Requests”);

That looks about right.

I set code like this but even I am getting Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response error

Does the preflight request actually return that header?

Add the cors extension in google chrome and enable it. It helped me to solve that issue.