Control values in response header

When executing a SPARQL query, I’m getting

The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’.

How can I get Access-Control-Allow-Credentials = true in the response?

Based on the response you’re getting it seems like Access-Control-Allow-Credentials = true is already set and causing the warning that Access-Control-Allow-Origin can’t be set to the wild card. I don’t think it’s documented anywhere but you can try setting the database property cors.allowed.origins to the site that you’d like to allow access from.

1 Like

Thanks. Just to state my understanding (which is as likely to be off as not):

withCredentials = true

is what I have set in the request and the response is what is needs

Access-Control-Allow-Credentials = true

to match.

I will play with cors.allowed.origins.

Mozilla Developer Network has a good resource on CORS. In your case see the section titled “Requests with credentials”

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.