Title: CORS error using WP REST API Last modified: May 31, 2023 --- # CORS error using WP REST API * [jeppex](https://wordpress.org/support/users/jeppex/) * (@jeppex) * [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/) * Hey there * I have set up a wordpress installation at a subdomain of my site. On the main domain, I am running a React build that fetches the content from the headless WordPress. It all appears to work. * However, on every load of the page I get a CORS error: * “No ‘Access-Control-Allow-Origin’ header is present on the requested resource.” * I mostly get this on just a single endpoint. It is not the same endpoint that throws an error, but there appears to be at least one CORS error every time. * Under settings I have set wordpress address and site address to the subdomain. And I am running https. * I have also tried setting the site address to the main domain which gave the same CORS errors. (And in this process I accidentally made a mistake, so I couldn’t acces the dashboard, so now both addresses are hardcoded in the function.php as the subdomain. If the site address is the main domain, I cannot access the controlpanel..) * Any idea of what the issue could be? Any help appreciated 🙂 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fcors-error-using-wp-rest-api%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 4 replies - 1 through 4 (of 4 total) * Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/) * (@bcworkz) * [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/#post-16787139) * WP by default does not respond with any Access-Control-Allow-Origin header. If your app requires such a header, it can be added through the “wp_headers” filter. * To limit the header to API requests, your callback could check if constant `REST_REQUEST` is defined and its value is `true`. * The ideal value for the header is discussed in [this Mozilla doc page](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS). The least restrictive would be `Access-Control-Allow-Origin: *`. (allow any origin) * Thread Starter [jeppex](https://wordpress.org/support/users/jeppex/) * (@jeppex) * [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/#post-16794889) * Thank you for your response! When I add the `Access-Control-Allow-Origin: *` in the .htaccess, all endpoints seem to fail. * However, I noticed that in the console appears as a CORS error, in the network tab in dev tools is a 508 loop detected error. Still, only on one endpoint each time. * Could this be something else than a issue with the headers? * Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/) * (@bcworkz) * [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/#post-16795325) * A 508 status suggests a faulty .htaccess directive somewhere. I added the following to my .htaccess as a test, it worked as expected without error: * ``` Header set Access-Control-Allow-Origin "*" ``` * Thread Starter [jeppex](https://wordpress.org/support/users/jeppex/) * (@jeppex) * [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/#post-16798086) * Thanks again! * But it appeared simply to be faulty code. I actually had a loop in my get requests 🤦‍♂️ - This reply was modified 2 years, 11 months ago by [jeppex](https://wordpress.org/support/users/jeppex/). Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘CORS error using WP REST API’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 4 replies * 2 participants * Last reply from: [jeppex](https://wordpress.org/support/users/jeppex/) * Last activity: [2 years, 11 months ago](https://wordpress.org/support/topic/cors-error-using-wp-rest-api/#post-16798086) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics