client missing 'Access-Control-Allow-Origin' header

14 Views Asked by Konstantin Solovev At 26 March 2024 at 19:26

Summary

As part of learning of using Google Auth, I found that fetch("https://accounts.google.com/gsi/client") results in

Access to script at 'https://accounts.google.com/gsi/client' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Expected Behavior

Headers should contain access-control-allow-origin: * like it does when fetching https://apis.google.com/js/api.js

Actual Behavior

Response headers do not contain Access-Control-Allow-Origin header

Steps to Reproduce

Run fetch("https://accounts.google.com/gsi/client") either in the console in devtools or in a script

Original Q&A

There are 1 best solutions below

Konstantin Solovev On 26 March 2024 at 19:39

I have found that I set crossorigin="anonymous" for the script tag.

So, if I don't use CORS, everything works.

https://accounts.google.com/gsi/client missing 'Access-Control-Allow-Origin' header

Summary

Expected Behavior

Actual Behavior

Steps to Reproduce

There are 1 best solutions below

Related Questions in AUTHORIZATION

Related Questions in GOOGLE-OAUTH

Trending Questions

Popular # Hahtags

Popular Questions