For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
1 2 2 4

No 'Access-Control-Allow-Origin' header is present on the requested resource (Working in Postman but not in JavaScript)

Hi Team, I am getting CORS Error in Browser but its working fine in Postman. All the Headers are getting properly generated(Date, HMAC and Authorization) via my JavaScript Code. None of the Addons to by-pass the CORS are working for me. Can you please share the exact Headers which I need to attach in my requests in order to handle the CORS Error. Below are the exact error messages and attached are the screenshots.

In Chrome :

Access to fetch at 'https://api-worldcheck.refinitiv.com/v2/groups' from origin 'XXX-XXX' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

In Firefox :

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api-worldcheck.refinitiv.com/v2/groups. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Output & Error_Firefox & Postman.png
Headers_Firefox & Postman.png

world-checkworld-check-onescreening-api
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
15.2k 41 12 19

Hello @ANKUR SARASWAT,

CORS is a browser security feature which is designed to prevent cross embedding of resources and disable hijacking of third party content. As such, this strict checking of resource origin is only performed by browser and applications like Python/NodeJS/Postman are not affected by it.

Typical means to circumvent CORS limitation is to serve your web pages from your web server which in-turn makes the REST API calls to Refinitiv.

If you believe Access-Control-Allow-Origin should be included in WC1 response headers, then please raise an enhancement request at my.refinitiv.com to directly speak with product owners.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 2 2 4

Hello @Gurpreet,
Thank You for your timely and informative response. Can you please share the exact link for raising that enhancement request in order to take this forward, as we need to discuss this with the Product Owners accordingly? That will be really helpful for us.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
15.2k 41 12 19

@ANKUR SARASWAT , Once you login to my.refinitiv.com, click on Get Support button and select Provide Feedback. There you can select World Check One as the product, and describe this shortcoming.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 2 2 4

Thank You @Gurpreet for your response. Sure, I will do that and raise the request from there.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.