Hi
I have shared hosting on godaddy. I'm trying to access an external API but always the following error in the browser dev tools.
XMLHttpRequest cannot load xxxx.
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin'
header is present on the requested resource. Origin xxxx is therefore not
allowed access.
I have tried to set headers in .htaccess file like this:
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
but not luck.
Any other settings I can do to get this work?
Hi @hengun348
Welcome to the GoDaddy community! Thanks for your post!
Usually, if you're encountering a setting that you're not able to update, it's usually due to the servers security policy or configuration. In this case, it's likely that the shared account you're on wouldn't allow you to change the header information, as that's what the server uses to correctly direct traffic to a specific website on a shared IP address. In this case, you may need to host in a different environment if you need additional access to the server configuration. Cloud, VPS, and Dedicated Servers give you the ability to customize the environment as needed.
Does anyone else in the community have direct experience in changing these settings?
You haven't included any code to indicate how you're accessing the external API.
Are you using jQuery AJAX? The return should be type jsonp and crossDomain should be set to true. a jQuery example:
$.ajax({
url:'http://whatever.com/endpoint/', dataType: 'jsonp', crossDomain: true, data: {'id':1, 'att':'fullName'} type: 'GET', success: function(data) { ... } })
If that doesn't help, please post some code for us to work with.
Can you please share the code snippet as to how you mange to do that?