Menu
I'm using fetch API to get data from other APIs this is my code:
var result = fetch(ip, {
method: 'get',
}).then(response => response.json())
.then(data => {
country = data.country_name;
let lat = data.latitude;
let lon = data.longitude;
//fetch weather api with the user country
return fetch(`https://api.darksky.net/forecast/efc76f378da9a5bd8bb366a91ec6f550/${lat},${lon}`);
})
.then(response => response.json())
.then(data => {
// access the data of the weather api
console.log(JSON.stringify(data))
})
.catch(error => console.log('Request failed', error));
but I face error in console:
Fetch API cannot load https://api.darksky.net/forecast/efc76f378da9a5bd8bb366a91ec6f550/52.3824,4.8995. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I set headers for the second fetch:
return fetch(`https://api.darksky.net/forecast/efc76f378da9a5bd8bb366a91ec6f550/${lat},${lon}`, {
mode: 'no-cors',
header: {
'Access-Control-Allow-Origin':'*',
}
});
error will gone but console.log(JSON.stringify(data)) do not log anything in console and the fetch not return any value.
what is the problem with my code?
230
If the server is under your control, add the origin of the requesting site to the set of domains permitted access by adding it to the Access-Control-Allow-Origin header's value. You can also configure a site to allow any site to access it by using the * wildcard. You should only use this for public APIs.
To send credentials in fetch , we need to add the option credentials: "include" , like this: fetch('http://another.com', { credentials: "include" }); Now fetch sends cookies originating from another.com with request to that site.
Cross-Origin Resource Sharing (CORS) errors occur when a server doesn't return the HTTP headers required by the CORS standard. To resolve a CORS error from an API Gateway REST API or HTTP API, you must reconfigure the API to meet the CORS standard.
i. Turn OFF the CORS plugin, reload the app, at this time you should still get the errors which are correct. ii. Turn it back ON, reload the app, if the APIs are successful, stop here, no need to proceed to iii.
To avoid the error "No 'Access-Control-Allow-Origin' header is present on the requested resource," verify the following: The origin's cross-origin resource sharing (CORS) policy allows the origin to return the "Access-Control-Allow-Origin" header.
"No 'access-control-allow-origin' header present" is up there as one of the least helpful error messages. Searching for it on the internet is likely to bring up a Stack-Overflow answer that is worse than wrong – it's dangerous.
Check if the origin returns the "Access-Control-Allow-Origin" header by running a curl command similar to the following: If the CORS policy allows the origin to return the header, the command returns a message similar to the following:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. This is a security protection on the browsers and it's an expected error. You can use XMLHttpRequest to receive and send data to remove server, but it's limited by the same origin policy.
The issue will not present when "no-cors" argument is used after the url
fetch(url, {mode: "no-cors"})
The problem is not in your JavaScript code, it is in the API, the server doesn't support cross origin request, if you are the owner of this API you have to add 'Access-Control-Allow-Origin' header to the response with the allowed origins (* to allow from any origin). in some cases jsonp request may work.
Note: this problem happen only when the request is generated from the browser
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
