Access-Control-Allow-Headers in preflight response


#1

Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response.


#2

Add it to the Access-Control-Allow-Headers header in the response.


#3

let headers = new Headers();
headers.append(‘Content-Type’, ‘application/json; charset=utf-8’);
headers.append(‘Accept’, ‘/’);
headers.append(“Access-Control-Allow-Credentials”, “true”);
headers.append(‘Upgrade-Insecure-Requests’,‘1’);
headers.append(‘withCredentials’,‘true’);
headers.append(“Access-Control-Allow-Origin”,“http://localhost:8100”);
headers.append(“Access-Control-Allow-Credentials”, “true”);
headers.append(“Access-Control-Allow-Methods”, “GET, POST, PUT, DELETE, OPTIONS”);
headers.append(“Access-Control-Allow-Headers”, “Content-Type,Authorization,Upgrade-Insecure-Requests”);


#4

That looks about right.


#5

I set code like this but even I am getting Request header field Upgrade-Insecure-Requests is not allowed by Access-Control-Allow-Headers in preflight response error


#6

Does the preflight request actually return that header?


#7

Add the cors extension in google chrome and enable it. It helped me to solve that issue.