Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

Access to XMLHttpRequest at 'https://api.spotify.com/v1/me' from origin

Access to XMLHttpRequest at 'https://api.spotify.com/v1/me' from origin

My Question or Issue:

 

Im a fairly new developer trying to setup spotify integration for a web app I'm building. So far I've been able to get the access_token stored as a cookie, but when the frontend loads, I get the error:
"Access to XMLHttpRequest at 'https://api.spotify.com/v1/me' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute."

 

I believe I have my cors setup properly in the backend
"

origins = [
]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
    allow_headers=[
        "Authorization",
        "Content-Type",
        "Access-Control-Allow-Headers",
        "X-Requested-With",
        "X-Custom-Header",
        ],
    max_age=3600,
)"
 
However I am a new developer and could be completely wrong. I am using docker containers for each the frontend and the backend.  I am including withCredentials:true in my frontend when trying to make requests. Sorry if this is a dumb question, I'm just stuck right now.

 

Reply
0 Replies

Suggested posts

Type a product name