close

[Solved] Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route

Hello Guys, How are you all? Hope You all Are Fine. Today I’m setting a laravel and vuejs. CORS plugin for laravel and frontend side i use Axios to call REST API I got this ERROR Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one routein Laravel. So Here I am Explain to you all the possible solutions here.

Without wasting your time, Let’s start This Article to Solve This Error.

How Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error Occurs ?

I’m setting a laravel and vuejs. CORS plugin for laravel and frontend side I use Axios to call REST API I got this error.

Access to XMLHttpRequest at 'https://xx.xxxx.xx' from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

How To Solve Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error ?

  1. How To Solve Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error?

    To Solve Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error Just Disable CORS policy security.

  2. Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route

    To Solve Access to XMLHttpRequest has been blocked by CORS policy Redirect is not allowed for a preflight request only one route Error Just Disable CORS policy security.

Solution 1: Just Disable CORS policy security

Just Disable CORS policy security.

  1. Go to google extension and search for Allow-Control-Allow-Origin.
  2. Now add it to chrome and enable.
  3. Add https://localhost to it’s setting.:
  4. Now close all your chrome browser and open cmd. Then run the followin command:
  5. “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –-allow-file-access-from-files –disable-web-security –user-data-dir –disable-features=CrossSiteDocumentBlockingIfIsolating
  6. If the command runs properly you will see the following notification: Stability and security is suffer
  7. If you can’t see the notification then the command didn’t work. So you should check the directory link that have been specified in the command to ensure that the chrome.exe file exist in that directory link. If you find the chrome.exe file then after closing the chrome browser you should check the task manager if any other chrome service is running in background. After closing all the services the command should work as expected.

Solution 2: In your config/cors.php

The issue is from the back-end side in our case is Laravel, in your config/cors.php try to use the below config:

'supportsCredentials' => true,
'allowedOrigins' => ['*'],
'allowedOriginsPatterns' => [],
'allowedHeaders' => ['*'],
'allowedMethods' => ['*'],
'exposedHeaders' => [],
'maxAge' => 0,

Or you can try to use this code at the top of public/index.php

Solution 3: backend redirect to

The problem comes from your Vue App.

Eg: You’re requesting the URL below:

https://example.com/api/methods/

And the backend redirects it to:

https://example.com/api/methods

Beware of the trailing slash at the end.

Summery

It’s all About this issue. Hope all solution helped you a lot. Comment below Your thoughts and your queries. Also, Comment below which solution worked for you?

Also, Read

Please Rate Our Solution to Motivate Us For Give Our Best

Leave a Comment