[Vuejs]-Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource. (Reason: CORS preflight response did not succeed)

-1👍

When browsers come across a cross-origin AJAX call, it has to determine if the endpoint understands CORS protocol and what are the acceptable domains/methods/headers are. To do so they will fire Preflight Request in OPTIONS method. https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request

However not all AJAX call will trigger such preflight request. For example, if you just directly call

fetch('https://google.com/some_api')

which is essentially to fire a GET call without parameters to https://google.com/some_api, browser might choose to skip preflight and just fire the actual GET call.

-1👍

You should allow OPTIONS method, too. The preflight of the request consists of a request with method OPTIONS, which you should reply to with full headers and empty body.
Also check if your middleware does not throw exception on authentication.

Leave a comment