In postman I can make a request to the xf api without issue, but when doing it with the fetch api on localhost, I get an error about the api key not being present. It's in the headers, and I can see it in the dev tools. Access-Control-Allow-Origin is set in .htaccess, not sure if there's anything else I'm missing which would be causing the headers to not reach the server.
Kruzya
Well-known member
Are you has
developer.mozilla.org
XF-Api-Key in Access-Control-Allow-Headers?
Access-Control-Allow-Headers - HTTP | MDN
The HTTP Access-Control-Allow-Headers response header is used in response to a preflight request to indicate the HTTP headers that can be used during the actual request. This header is required if the preflight request contains Access-Control-Request-Headers.
developer.mozilla.org
I didn't, but it's still not working. htaccess hasAre you hasXF-Api-KeyinAccess-Control-Allow-Headers?
Access-Control-Allow-Headers - HTTP | MDN
The HTTP Access-Control-Allow-Headers response header is used in response to a preflight request to indicate the HTTP headers that can be used during the actual request. This header is required if the preflight request contains Access-Control-Request-Headers.
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers XF-Api-Key
and the fetch request has
JavaScript:
fetch(url, {
method: 'POST',
mode: 'cors',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'XF-Api-Key': key,
'XF-Api-User': user,
},
referrerPolicy: 'origin-when-cross-origin',
body: new URLSearchParams({ login: login, password: pw }),
})