CORS is a messy subject.

Please try with the 7.0Dev branch from github. We have made some changes that did solve the CORS issue for us.

Thanks Francois, I'll take a look.

I had no immediate success with that - it errors in the same way.

Sorry, that was a bit brief last night, it was late.

So I've installed the latest b2evo branch at 7.0dev, whilst making no other changes from what is a default install with the sample data in it. I still have access to the API via Insomnia, and when accessed in the browser (Chrome latest, and others), I'm seeing the same error message as above in the console.

The b2evo instance is running on my QNAP device, and having checked minimum PHP requirements for b2evo 7.0dev, and look to be meeting what's required at PHP Version 5.6.36. I'm assuming it would have baulked at the install stage if that would have been insufficient.

What I'd like to understand is something more about the changes that you made to make CORS work for yourselves, and the default response that this puts in place. Could you:

1. Describe those changes for me, along with the default response expectation
2. Tell me which files they are implemented in, so I can have a quick look and see if I can understand it.
3. Let me know what I'd need to change to on my instance to make it 'Allow Any Origin'. 'Allow Any Method' and 'Allow Any Header'.

Thanks

@chris_of_arabia sorry, I'm overwhelmed with Pro Client support. I don't have time to dig into this (very complex) issue right now.