Access-Control/CORS Headers?

agrohsagrohs Member Posts: 6
in Development
I have my API request running properly through the command line over cURL, but when I try to move them to my website and calling via jQuery or Node, I am receiving back errors on the pre-flight/options request saying that the standard CORS/‎‎Access-Control-Allow-Origin header is not set. Does anyone know how to get the Lightspeed endpoint to respond properly to pre-flight requests?

"Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8888' is therefore not allowed access."
Tags:
· Share on Google+

2 comments

  • gregaricangregarican Member Posts: 702 
    Are you sure that your own website isn't the one that's giving that error? I have implemented a middleman sort of API aggregator that calls out to a few different API web services (e.g. - Shopify, Lightspeed, etc.). And my website is the one that implements CORS and I have to manually specify which origin points are allowed. In my case I allow my admin workstation and a narrow set of external hosts.
    · Share on Google+
  • Adrian SamuelAdrian Samuel Moderator, Lightspeed Staff Posts: 654 moderator
    @agrohs if your integration is connected properly and is returning the data via JSON/XML then as @gregarican says it does sound like your app is the issue.

    Try adding the following to your request headers witin your front-end app:
     "Access-Control-Allow-Origin":<span>"*"</span>

    Adrian Samuel

    Software Developer

    Lightspeed HQ

    · Share on Google+
Sign In or Register to comment.