[OSM-dev] Sudden CORS Error on Open Street Map API calls
Sarah Hoffmann
lonvia at denofr.de
Wed Aug 2 10:32:10 UTC 2023
On Wed, Aug 02, 2023 at 07:35:14AM +0000, Shruti Dixit via dev wrote:
> Hi all,
>·
> We have implemented Open Street Map and It works great though.
>·
> We are facing some challenges while accessing Open Street Map API from our endpoint.
>·
> The error is as follows: CORS Error :
>·
> Access to XMLHttpRequest at 'https://nominatim.openstreetmap.org/search? format=json&q=vvvvv&limit=4' from origin 'http://localhost:4200' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
This looks good here:
me at machine:~/osm$ curl -I -X OPTIONS -H "Access-Control-Request-Method: GET" -H "Origin: http:// localhost:4200" "https://dulcy.openstreetmap.org/search?format=json&q=vvvvv&limit=4"
HTTP/2 204
server: nginx
date: Wed, 02 Aug 2023 10:16:54 GMT
content-type: text/plain charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
You need to be more specific about what you are doing and what CORS
headers exactly your software is expecting. The only recent change is
that we don't send access-control-allow-methods anymore with GET
requests but that should be according to spec.
We also send a 204 instead of 200 but that really shouldn't trip your
code.
Sarah
More information about the dev
mailing list