CORS Issue with POST Requests to EspoCRM API from External Domain

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • sapyantuk
    Senior Member
    • Oct 2020
    • 265

    CORS Issue with POST Requests to EspoCRM API from External Domain

    Hello EspoCRM Developers,

    I am trying to send a POST request to EspoCRM using the API from my website, which is hosted on a different domain.

    I have created an API user, assigned the necessary roles, and tested the setup using Postman. Everything works fine in Postman. However, when I attempt to send the POST request from my website, I encounter the following error:

    Access to fetch at 'https://abc.com/api/v1/#entity' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
    I am using Ubuntu as my server environment.

    Despite trying to host the website on a server, I still encounter CORS issues. Could you please guide me on how to resolve this and allow my website to communicate with EspoCRM?

    Thank you for your assistance.
  • dimyy
    Active Community Member
    • Jun 2018
    • 569

    #2
    Did you try add header Access-Control-Allow-Origin: abc.com (or *) to your self hosted server. Your request blocked by browser bicose abc.com is not equal 127.0.0.1. If you try post request on any other then 127.0.0.1 server your request will be blocked.

    Comment

    • fabianhirter
      Junior Member
      • Jul 2024
      • 4

      #3
      Is it not possible to enable the cors middleware?

      See also my post: https://forum.espocrm.com/forum/gene...ors-middleware
      Middleware class: Espo\Tools\Api\Cors\Middleware. Can be added to the global list or to specific routes. If added to the global list, you also need to add routes. Routes example: [ { &q...

      Comment

      • dimyy
        Active Community Member
        • Jun 2018
        • 569

        #4
        In this section, we will explain what cross-origin resource sharing (CORS) is, describe some common examples of cross-origin resource sharing based attacks, ...

        Comment

        Working...