Access to XMLHttpRequest at <<amiiboseries url>> from origin <<mysite>> has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Closed this issue · 5 comments
I'm getting this error when trying to access amiiboseries:
Access to XMLHttpRequest at 'https://www.amiiboapi.com/api/amiiboseries' from origin 'https://amiibo-time.web.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
It's happening on my website over here: (the dropdown box at the top doesn't load any elements). It does allow me to access the Smash Ultimate list though.
https://amiibo-time.web.app/
I found the question on Stack Overflow too, and it seems the header needs to be changed in the back-end
I'm getting this error when trying to access amiiboseries:
Access to XMLHttpRequest at 'https://www.amiiboapi.com/api/amiiboseries' from origin 'https://amiibo-time.web.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
It's happening on my website over here: (the dropdown box at the top doesn't load any elements). It does allow me to access the Smash Ultimate list though.
https://amiibo-time.web.app/I found the question on Stack Overflow too, and it seems the header needs to be changed in the back-end
Thank you for the feedback. I had fixed it, and it should now return the Access-Control-Allow-Origin
Do you mind giving it a try and changed it back to be using https?
Edit: It was due to the reverse proxy. I forgot to make sure it's proxy correctly with parameters.
It's still not loading right. It says this when I inspect it. I am definitely using the https link on my page though.
Mixed Content: The page at 'https://amiibo-time.web.app/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.amiiboapi.com/api/amiiboseries/'. This request has been blocked; the content must be served over HTTPS.
It's still not loading right. It says this when I inspect it. I am definitely using the https link on my page though.
Mixed Content: The page at 'https://amiibo-time.web.app/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.amiiboapi.com/api/amiiboseries/'. This request has been blocked; the content must be served over HTTPS.
The error was due to the website not using HTTPS on amiiboapi.com. Please use https://www.amiiboapi.com, not http://www.amiiboapi.com
I had just checked https://amiibo-time.web.app/ that it is working now. However, seems like you still calling HTTP. Do change to HTTPS, that should be fixed now.
Shall close this, since there's no response from issuer :) But feel free to reopen the issue.