No 'Access-Control-Allow-Origin' header is present on the requested resource.

Access to XMLHttpRequest at ‘’ from origin ‘’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @supportbc1965e07fd043df06e,

Looks like your application or droplet does not include the Access-Control-Allow-Origin header in response to a preflight request (OPTIONS). A CORS request will fail if Access-Control-Allow-Origin is missing.

Having said that, to further provide any information about it, we might need more information. The issues itself could be of something really simple.For example, I was using die('message'); in a Laravel method and I received a CORS complaint, despite the CORS being whitelisted. After changing the response to just be return ['status' => 'success']; which formats over into JSON to the FE - problem solved. Curious if this may be the issue for some of you too. :)

Regards, KFSYs