CORS error when trying to authenticate



I have a ghost blog v2.13.1. From another site (completely different domain) I am using the Ghost v0.1 API. Getting posts works using this API. When I try to authenticate as a user (so that I can create a post) using the endpoint “/authentication/token” it works from the site being tested in localhost but not on the actual site pushed live. On the actual site I get an error saying its a CORS violation. I have already added the actual site domain as part of client_trusted_domains in the DB. The localhost domain didn’t need to be added for the API to work.

Note: when implementing this, the browser would return an error that was a CORS error for any error that Ghost threw. For instance, when the “filter” parameter in my GET posts was not processed properly, it would throw a CORS error and not the actual error.

I fixed the authentication call by setting the content type header to “application/x-www-form-urlencoded”. However the create post method requires “application/json” and it continues to throw CORS errors.

Any help ion this would be greatly appreciated!



Replying to keep this thread active.
I’m having the same issue.

closed #3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.