API POST error: access-control-allow-origin not allowed (CORS Policy)


#1

I’m receiving the following error when trying to make a POST request via the HTTP API.

Access to XMLHttpRequest at ‘https://www.ragic.com/my-company/knack/1?v=3&api’ from origin ‘my-domain-name’ has been blocked by CORS policy: Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

This seems to be an issue with the Ragic server’s response to the API Request.

Could someone guide me as to how to overcome this issue?
Thanks.


#2

This means that the browser running your request denies using the content you retrieved from the Ragic server to prevent XSS attack. The best way to avoid this is to do these API calls with server-side calls instead of client-side calls.


#3

Server side access is not possible in my use-case, unfortunately.


#4

Is it still possible to tackle this issue?