How can I fix this CORS error using javascript?-CodePudding

Hey guys I am fairly new to programming so this is probably a very easy solution but I keep getting a CORS error when trying to run this program. (the api key was blocked for my safety). This code is pretty unorganized but once I can get a request working I will create an object for all the values.

This is the error I get with a live-server from the Chrome console:

Access to fetch at 'https://labelsupply.io/api/order' from origin 'http://127.0.0.1:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.

Here is the code for the POST request

document.querySelector('.btn-order').addEventListener('click', function(){
    
    Type = document.querySelector('#type').value;
    Weight = document.querySelector("#weight").value;
    FromCountry = "US";
    FromName = document.querySelector('#fromName').value;
    FromCompany = document.querySelector('#fromCompany').value;
    FromStreet = document.querySelector('#fromStreet').value;
    FromStreet2 = document.querySelector('#fromStreet2').value;
    FromCity = document.querySelector('#fromCity').value;
    FromState = document.querySelector('#fromState').value;
    FromZip = document.querySelector('#fromZip').value;
    ToCountry = 'US';
    ToName = document.querySelector('#ToName').value;
    ToCompany = document.querySelector('#ToCompany').value;
    ToStreet = document.querySelector('#ToStreet').value;
    ToStreet2 = document.querySelector('#ToStreet2').value;
    ToCity = document.querySelector('#ToCity').value;
    ToState = document.querySelector('#ToState').value;
    ToZip = document.querySelector('#ToZip').value;

    console.log(Type, Weight, FromCountry, FromName, FromCompany, FromStreet, FromStreet2, FromCity, FromState, FromZip);


    const data = {
        Type: '32854090-03dd-a3c1-a8c5-183d17a6e9a6',
        Weight: '12',
        FromCountry: 'US',
        FromName: '',
        FromCompany: '',
        FromStreet: '',
        FromStreet2: '',
        FromCity: '',
        FromState: '',
        FromZip: '',
        ToCountry: 'US',
        ToName: '',
        ToCompany: '',
        ToStreet: '',
        ToStreet2: '',
        ToCity: '',
        ToState: '',
        ToZip: ''
      };
      
      const headers = {
        'Content-Type': 'application/www-x-form-urlencoded',
        'X-Api-Auth': '000000000-0000000-000000-000000000',
        'Access-Control-Allow-Credentials': true
      };
      
      // Encode the data as a query string
      const queryString = new URLSearchParams(data).toString();
      
      fetch('https://labelsupply.io/api/order', {
        method: 'POST',
        headers: headers,
        credentials: 'include',
        body: queryString
      })
      .then(response => response.json())
      .then(data => {
        console.log(data);
      })
      .catch(error => {
        console.log(error);
      });
      
        
    })

I have tried using - credentials: 'include' but this results in the same error. I also have tried using lots of different header types. Maybe there is a better way to fix this CORS error. Any tips for any of my code will be helpful.

Thank you in advance :)

CodePudding user response：

This is a common issue, this happens if the server is not configured to allow requests from the domain making the request, or if the client is making a request to a server that does not support CORS.

You have to run the code on the server side because these errors occur only on client-side requests which the server cannot accept you request unless the server is configured to receive such requests.

CodePudding user response：

You need to enable CORS. Make an HTTP request from a server. Use a proxy server