Cross-Origin Request Blocked in oauth api request

I’m trying to use Gumroad API for WordPress plugin, and trying to understand how to make any call, GET in my case.

I searched a lot for code examples on stack overflow, but still can’t run it without an errors.

Plain JS or jQuery.ajax is acceptable.


    function createCORSRequest(method, url) {
      var xhr = new XMLHttpRequest();

      if ("withCredentials" in xhr) {
        // XHR for Chrome/Firefox/Opera/Safari., url, true);
      } else if (
        typeof XDomainRequest != "undefined") {
        // XDomainRequest for IE.
        xhr = new XDomainRequest();, url);
      } else {
        // CORS not supported.
        xhr = null;
      return xhr;

    var xhr = createCORSRequest('GET', '');
      if(xhr.readyState==4 && xhr.status==200){
    xhr.setRequestHeader('Authorization', 'Basic');
    xhr.setRequestHeader('Accept-Language', 'en_US');

    xhr.send('676234257caeb63ca7683c39d14e0091387a1a36af0c2135f989d0fd84ffc0c5'); // The token is real

The error is:

Cross-Origin Request Blocked:
The Same Origin Policy disallows reading the remote resource
(Reason: CORS header ‘Access-Control-Allow-Origin' missing).


error {
  target: XMLHttpRequest,
  isTrusted: true,
  lengthComputable: false,
  loaded: 0,
  total: 0,
  currentTarget: XMLHttpRequest,
  eventPhase: 2,
  bubbles: false,
  cancelable: false,
  defaultPrevented: false,
  composed: false

Thanks a lot for any suggestions!

Read more here: Cross-Origin Request Blocked in oauth api request

Leave a Reply

Your email address will not be published. Required fields are marked *