POST requests via XMLHttpRequest fails

API
1

Hi all!

I’ve got an issue related to API v2.0.

I’m trying to send XMLHttpRequest (using axios) to API from browser.

GET requests with query parameters works fine.

Example:

const CIRCLE_TOKEN: string = ‘***’;
const API_URL: string = ‘https://circleci.com/api/v2’;
const PROJECT_SLUG: string = '/gh/###/###;

        const fetchPipeline = async () => {
            const result = await axios({
                url: `${API_URL}/project${PROJECT_SLUG}/pipeline?circle-token=${CIRCLE_TOKEN}`,
                method: 'GET',
            });

            console.log(result);
        };

But for POST every request failed due to CORS policy

        const postPipeline = async () => {
            const result = await axios({
                url: `${API_URL}/project${PROJECT_SLUG}/pipeline`,
                method: 'POST',
                headers: {
                    'Access-Control-Allow-Origin': '*',
                    'Content-Type': 'application/json',
                    authorization: `Basic ${CIRCLE_TOKEN}`
                }
            });

            console.log(result);
        };

The error is following

Access to XMLHttpRequest at ‘https://circleci.com/api/v2/project/gh/###/###/pipeline?circle-token=***’ from origin ‘localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Could anyone help, is something wrong with request config?

2

Hey
Have u solved this issue?

I found only one workaround: https://cors-anywhere.herokuapp.com/

3

I am looking for a response to this same issue.

My curl POST request works fine, but fetch returns a blocked by CORS policy.

Is it possible to whitelist a domain via CircleCI, or is there another workaround?

4

I have the same problem.