TechQA.

https://accounts.google.com/gsi/client missing 'Access-Control-Allow-Origin' header

14 views Asked by At

Summary

As part of learning of using Google Auth, I found that fetch("https://accounts.google.com/gsi/client") results in

Access to script at 'https://accounts.google.com/gsi/client' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Expected Behavior

Headers should contain access-control-allow-origin: * like it does when fetching https://apis.google.com/js/api.js

Actual Behavior

Response headers do not contain Access-Control-Allow-Origin header

Steps to Reproduce

Run fetch("https://accounts.google.com/gsi/client") either in the console in devtools or in a script

authorization google-oauth
Original Q&A
1

There are 1 answers

0
Konstantin Solovev On

I have found that I set crossorigin="anonymous" for the script tag.

So, if I don't use CORS, everything works.

Related Questions in AUTHORIZATION

Related Questions in GOOGLE-OAUTH

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions