Skip to main content


Showing posts from 2021

Configuring CORS in IIS - Response to preflight request doesn't pass access control check: It does not have HTTP ok status

The Access-Control-Allow-Origin Header Explained – With a CORS Example Often times when calling an API, you may see an error in your console that looks like this: Access to fetch at '' from origin '' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value that is not equal to the supplied origin Add following in <system.webServer> <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Methods" value="*" /> <add name="Access-Control-Allow-Origin" value="*" /> <add name="Access-Control-Allow-Headers" value="*" /> </customHeaders> </system.webServer> After adding the above code in web.config, received the following error in response. .... Has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: