GET requests to catalog fail with CORS Missing Allow Origin #125
Comments
|
Is there a reason you're using cURL commands rather than using the provided SDK to make the request? I'm guessing it has something to do with your "Origin" header in the cURL request; we do not allow requests from other origins as far as I know. This also frequently comes up as an issue if you attempt to make an API call from a front-end library, rather than a backend server. Also, unrelated to the aobve, but just FYI this SDK is no longer maintained, and you should be using the new SDK: https://github.com/square/square-nodejs-sdk. |
|
I was using only using curl to check that the requests were working. I installed square from node into an angular app, and the second request was created from the firefox devtools, from the failed GET request. I'm trying to have a front end only solution, using your API as the back end. I'll open a new issue on the other repo. |
|
Just to confirm: if you remove the "Origin" header from your cURL request, it should work. |
|
I opened a new issue in the correct repo, this one can be closed now. |
|
And yes, when the origin is not in the request it works. But those headers are added automatically when I use the Client object |
I am trying to use the catalog API but requests are failing with CORS Missing Allow Origin.
I can use curl to send GET requests to the sandbox API and I get the expected result.
But when I send the same request from my webapp, which includes the origin and referer headers, the response is a 403 with "CORS Missing Allow Origin"
This works
This fails
The text was updated successfully, but these errors were encountered: