[whatwg/fetch] Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response. (#467) from Vesli on 2017-01-26 (public-webapps-github@w3.org from January 2017)

From: Vesli <notifications@github.com>
Date: Thu, 26 Jan 2017 09:09:21 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/467@github.com>

I'm working with django as an API like and reactjs for client side.

I'm trying to make a POST request and as I've to send the csrf token I'm facing this issue:

```
return fetch(endpoint, {
 method: req,
 headers: {
                'Content-Type': 'application/json',
                'X-CSRF-Token': csrfToken,
        },
 body: JSON.stringify(data),
})
```

but I'm having this error from chrome:

> Fetch API [...] Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

I don't find something working from the web.. Any ideas?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/467

Received on Thursday, 26 January 2017 17:09:52 UTC