-2

Got this error from Binance:

has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

Calling like this in a React app.

useEffect(() => {
        const fetchData = async () => {
            const { data } = await axios.get('https://binance.com/api/v3/klines', {
                headers: { crossDomain: true },
                params: {
                    symbol: 'ETHUSDT',
                    interval: '1h',
                    startTime: '1514764800000',
                },
            })
        fetchData()
    }, [])

From Postman it works, what is the problem?

Full error:

bot:1 Access to XMLHttpRequest at 'https://binance.com/api/v3/klines?symbol=ETHUSDT&interval=1h&startTime=1514764800000' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

tried withCredentials: true, did not work

has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

            const { data } = await axios.get('https://binance.com/api/v3/klines', {
                withCredentials: true,
                headers: {},

tried proxy:

const { data } = await axios.get('http://localhost:3000/api2/klines', {

and set rewrite next.config.js:

async rewrites() {
        return [
            {
                source: '/api2/:path*',
                destination: `https://binance.com/api/v3/:path*`,
            },
        ]
    },

got this error:

has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

János
  • 32,867
  • 38
  • 193
  • 353
  • 1
    Postman is not a browser so it works .... seems some header is missing to satisfy the request – KcH Nov 13 '22 at 13:23
  • [This](https://stackoverflow.com/questions/42168773/how-to-resolve-preflight-is-invalid-redirect-or-redirect-is-not-allowed-for) helps? – radar155 Nov 13 '22 at 13:25
  • Not really, if I remove `crossDomain: true`, I got a `307 Internal Redirect` from Binance. Adding trailing slash also did not help, and use a reverse proxy also did not help. – János Nov 13 '22 at 13:38
  • Which header I need as extra? – János Nov 13 '22 at 13:39

1 Answers1

-2

You can send a request throw the CORS proxy.
List of proxies.
Like this:

axios.get(<proxy url>/<my url>).

Or create your own.

Dmitriy Zhiganov
  • 1,060
  • 1
  • 5
  • 14