- Getting a CORS error when using Access-Control-Allow-Origin
The Access-Control-Allow-Origin header should contain a list of origins that are "allowed" to access the resource. Here is what you can do to fix the issue:
- If you are getting a CORS error, then you should use an anonymous site that will use the asterisk.
- Sending back a header of Access-Control-Allow-Origin: * would allow all sites to access the requested resource.