Copy link to clipboard
Copied
I am trying to connect BC to another system to control stocks and I am running into an error I never came across before:
Failed to load https://api.site.com/products?query=LS-06&_=1512050817436: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://my-app-key-[site id]-apps.worldsecuresystems.com' is therefore not allowed access. The response had HTTP status code 404.
I tried looking for some fixes on stackoverflow but it looks like its more a server configuration thing to do with CORS, that apparently can be fixed in the server, I was hoping someone else maybe handled this problem before?
Thanks
Copy link to clipboard
Copied
You can not of course just make Ajax requests from one site to another because of CORS and you either have to have token validation setup or risk security to open that up.
You should be using the proper API methods be it SOAP or the REST(Oauth) offered by BC.