i am struggling with this error

 cors error header disallowed by preflight response 

tried almost all possible combination but chrome is continuously throwing this error

i have tried these headers from php

 // header('Access-Control-Allow-Origin: stylishgames.myshopify.com'); header('Access-Control-Allow-Origin: *'); // header('Access-Control-Allow-Methods: POST, GET, OPTIONS'); // header('Access-Control-Allow-Methods: POST, OPTIONS'); header('Content-Type: application/json;charset=UTF-8'); // header('Access-Control-Allow-Origin: * '); header('Access-Control-Allow-Methods: HEAD, GET, OPTIONS, POST, PUT'); header('Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description'); header('Access-Control-Max-Age: 1728000'); header('Access-Control-Allow-Credentials', 'true'); 

same thing can be checked live at this site

go to this page

 

click on add to cart and then in bottom you can see campaign_page.php in network tab when you click on ADD to cart and then click next and this error will appear,

any help will be great

1 Answer

Explicitly allow headers required by the browser's request. Get the full list from the Access-Control-Request-Headers field of the preflight request.

Explanation

The browser sends the preflight request to inquire whether the server hosting the cross-origin resource will permit the actual request. The preflight's Access-Control-Request-Headers field lists the headers the request will use. The server response contains the complementary Access-Control-Allow-Headers field, specifying the allowed headers (See Mozilla docs)

The Header Disallowed By Preflight Response error appeared because your server doesn't allow some of the headers from the browser's request. To see which ones are missing, look at the preflight request sent by Chrome. You can access it on the Network tab.

Access-Control-Allow-Origin and Access-Control-Allow-Methods were irrelevant to the error — that's why changing them had no effect.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy