Timeline for How i can fetch session data?
Current License: CC BY-SA 4.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 29 at 14:23 | comment | added | jub0bs |
In addition to @PeppeL-G's comment, note that neither allowing request header Origin nor exposing response header Content-Length is ever needed.
|
|
| Jun 4 at 10:41 | review | Close votes | |||
| Jun 8 at 0:02 | |||||
| Jun 4 at 10:31 | comment | added | Peppe L-G |
401 is not a CORS problem. The web browser is responsible for enforcing the Same-Origin Policy, and if the response from the server doesn't contain CORS headers that relaxes the Same-Origin Policy, then the web browser will reject the fetch() promise. So if your client-side JS manages to read out the status code 401, then you don't have any CORS problems, and the problem is that the server refused to carry out the request, for example because you didn't pass along any needed authorization information in the request.
|
|
| S Jun 4 at 10:16 | review | First questions | |||
| Jun 5 at 1:18 | |||||
| S Jun 4 at 10:16 | history | asked | Ciprian | CC BY-SA 4.0 | created from wizard |