Skip to content

"No 'Access-Control-Allow-Origin' header is present on the requested resource" error for requests from localhost #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
andreas-paul opened this issue Aug 21, 2021 · 2 comments
Open

"No 'Access-Control-Allow-Origin' header is present on the requested resource" error for requests from localhost #22

andreas-paul opened this issue Aug 21, 2021 · 2 comments

Comments

@andreas-paul
Copy link

Hi there!

I'm developing a small tool for MSFS to request METARs from within the game, and I found your API, which is great!

The tool basically uses HTML and JS to perform GET requests to the API using the FETCH functionality. Since these request are done as localhost from within MSFS, and MSFS seems to use a browser internally, the request first sends a HEADERS OPTIONS request to your API. The response from your server does not seem to allow requests from localhost, and I get a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error. Using a local proxy works just fine, also from within MSFS (using https://www.npmjs.com/package/local-cors-proxy).

So my questions is if this intentional, or if there is a way to allow requests from MSFS? :)
@andreas-paul andreas-paul changed the title No 'Access-Control-Allow-Origin' header is present on the requested resource"_ error from localhost No 'Access-Control-Allow-Origin' header is present on the requested resource" error from localhost Aug 21, 2021
@andreas-paul andreas-paul changed the title No 'Access-Control-Allow-Origin' header is present on the requested resource" error from localhost No 'Access-Control-Allow-Origin' header is present on the requested resource" error for requests from localhost Aug 21, 2021
@andreas-paul andreas-paul changed the title No 'Access-Control-Allow-Origin' header is present on the requested resource" error for requests from localhost "No 'Access-Control-Allow-Origin' header is present on the requested resource" error for requests from localhost Aug 21, 2021
@iccowan
Copy link
Owner

iccowan commented Dec 8, 2021

@andreas-paul I'm glad you're looking at using my API! My apologies on the delayed response.

Have you been able to find a solution for this problem? I did some research, and this is built in by PHP to prevent CSRF attacks. This is not something that can be turned off for that reason. It would be best to see if there's some way to prevent the call from having a cross origin like this in MSFS.

I am planning on rebuilding the API at some point soon, so a feature I would consider adding is having a way to make a call and request METAR information being generated and placed in a file, then that file is accessible for 10 seconds or so. If I'm thinking correctly, that should get around that error (it's just like navigating to the webpage and then accessing a file). If this would be a viable solution, I'd be more than happy to consider making this enhancement.

@andreas-paul
Copy link
Author

andreas-paul commented Oct 5, 2022
edited
Loading

Hi, sorry for my late reply, I stopped working on this. It seems that MSFS is using a strange ORIGIN for the API request, not sure if this can be accepted or CORS disabled for this (again, not sure if this makes any sense and/or is at all secure): coui://html_ui

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andreas-paul @iccowan