How To Fix “CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response”?
Are you having problems with the issue “CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response“? How to fix it? In today’s article, I will provide solutions for you to solve the issues. Please follow the below steps to get the problem resolved now
How did “CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response” occur?
CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response
When you work with Javascript, you may get the issue CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response. Don’t worry, we are here to provide you solutions in order to resolve your problem.
How to fix “CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response”?
To Solve CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in prefpght response Error If You are using nodejs then Just install cors with help of this command: npm install cors –save Then, add following code in your app.js or server.js:
Solution 1: Set Access-Control-Allow-Methods
This is how you need to put Access-Control-Allow-Methods into your header
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,PATCH,OPTIONS');
Now, your error must be fixed.
Solution 2: Use cors
Install cors if you are using nodejs.
npm install cors --save
Next, enter the following code into your app.js/server.js
var express = require('express');
var app = express();
var cors = require('cors');
var bodyParser = require('body-parser');
//enables cors
app.use(cors({
'allowedHeaders': ['sessionId', 'Content-Type'],
'exposedHeaders': ['sessionId'],
'origin': '*',
'methods': 'GET,HEAD,PUT,PATCH,POST,DELETE',
'preflightContinue': false
}));
require('./router/index')(app);
Now, your error must be fixed.
Final words
The above are useful solutions that can help you fix “CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response” problem, if you can’t solve it well. Please leave a message.