SIS API & CORS Policy

The browser blocks our access to the SIS API due to CORS policy.

This is an issue on SIS API's side. They must update their responses to include Access-Control-Allow-Origin: * in their HTTP header to allow requests from all domains.

To get around this issue, we must tell the browser to not pick on it!

Install Chrome's Allow-Control-Allow-Origin plugin

Once installed, click it in your browser to activate the extension. Make sure the icon's label goes from "off" to "on".

Make sure to turn it off after you are done with this tutorial.

Resources:

MDN web docs article on Cross-Origin Resource Sharing (CORS)
3 Ways to Fix the CORS Error — and How the Access-Control-Allow-Origin Header Works
Hacking It Out: When CORS won't let you be great

CS280 Notes

SIS API & CORS Policy