Access-Control/CORS Headers?

agrohsagrohs Posts: 6Member
I have my API request running properly through the command line over cURL, but when I try to move them to my website and calling via jQuery or Node, I am receiving back errors on the pre-flight/options request saying that the standard CORS/‎‎Access-Control-Allow-Origin header is not set. Does anyone know how to get the Lightspeed endpoint to respond properly to pre-flight requests?

"Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8888' is therefore not allowed access."
Tags:

2 comments

  • gregaricangregarican Posts: 218Member 
    Are you sure that your own website isn't the one that's giving that error? I have implemented a middleman sort of API aggregator that calls out to a few different API web services (e.g. - Shopify, Lightspeed, etc.). And my website is the one that implements CORS and I have to manually specify which origin points are allowed. In my case I allow my admin workstation and a narrow set of external hosts.
  • Adrian SamuelAdrian Samuel Posts: 367Moderator, Lightspeed Staff moderator
    @agrohs if your integration is connected properly and is returning the data via JSON/XML then as @gregarican says it does sound like your app is the issue.

    Try adding the following to your request headers witin your front-end app:
     "Access-Control-Allow-Origin":"*"
Sign In or Register to comment.