Access to XMLHttpRequest at 'https://api1.xn--80aswg.xn--p1ai/v1/app.callPayment' from origin 'https://xn--80aswg.xn--p1ai' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
if (isset($_SERVER['HTTP_ORIGIN'])) {
// Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
// you want to allow, and if so:
header('Access-Control-Allow-Origin: '. $_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 1000');
}
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
header("Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE");
}
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization");
}
exit();
}
Request URL: https://api1.xn--80aswg.xn--p1ai/v1/app.callPayment
Referrer Policy: strict-origin-when-cross-origin
Provisional headers are shown
Learn more
Accept: application/json, text/plain, */*
Authorization: dmtfYWNjZXNzX3Rva2VuX3NldHRpbmdzPSZ2a19hcHBfaWQ9MTAwMCZ2a19hcmVfbm90aWZpY2F0aW9uc19lbmFibGVkPTAmdmtfaXNfYXBwX3VzZXI9MCZ2a19pc19mYXZvcml0ZT0wJnZrX2xhbmd1YWdlPXJ1JnZrX3BsYXRmb3JtPWRlc2t0b3Bfd2ViJnZrX3JlZj1vdGhlciZ2a190cz0xNjQyNTgxNjA4JnZrX3VzZXJfaWQ9MTAwMCZzaWduPVdfamt4cndpR011ZGFrVEYzTk9nbFdiNFdUcmhfYkRLalNYMUI3S05fMXc=
Content-Type: application/json;charset=UTF-8
Referer: https://xn--80aeiblxo7evb.xn--p1ai/
sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="97", "Chromium";v="97"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
withCredentials: true