In apigility i have a code connected api. It worked flawless and was tested with test, postman and curl. Now i needed to make a quick change "ofcourse not tested" and i made a typo. Due to my php settings the typo raised a notice error. This error is then returned to the user via a status code 200.
But when you access the crossdomain api via ajax you will get a
"XMLHttpRequest cannot load <api url>. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin <origin url> is therefore not allowed access."
because the "Access-Control-Allow-Origin -> <origin url>" is missing.
This kind of sets the developer into the wrong direction trying to solve the problem.
So far my research leads to the EVENT_AUTHORIZATION_POST. This is where the result (null) is returned.
The following thing raised a eyebrow
In apigility i have a code connected api. It worked flawless and was tested with test, postman and curl. Now i needed to make a quick change "ofcourse not tested" and i made a typo. Due to my php settings the typo raised a notice error. This error is then returned to the user via a status code 200. But when you access the crossdomain api via ajax you will get a
"XMLHttpRequest cannot load
<api url>
. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin<origin url>
is therefore not allowed access."because the "Access-Control-Allow-Origin ->
<origin url>
" is missing.This kind of sets the developer into the wrong direction trying to solve the problem.
So far my research leads to the EVENT_AUTHORIZATION_POST. This is where the result (null) is returned.