By Shubham Khatri


2016-04-11 16:15:58 8 Comments

I have been using POSTMAN for sometime now for sending HTTP requests like GET, POST, PUT for RESTful Webservices. Recently came across a situation, when sending a request to my REST API through browser, I got a message that

No Access Control Allow Origin Header is present on the Requested resource.

The solution was ofcourse to add such an header to the API. However strangely, When I sent the the same request through POSTMAN I was able to get back the response.

So I want to know how is sending a request through POSTMAN different from sending a request through browser.

I went through this question: CORS with POSTMAN, but it really doesn't provide an answer in detail.

1 comments

@Alexander O'Mara 2016-04-11 17:05:18

From Cross-Origin XMLHttpRequest in Chrome Develop Extensions documentation:

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. Extensions aren't so limited. An extension can talk to remote servers outside of its origin, as long as it first requests cross-origin permissions.

Basically browser extensions have more privileges than web content. In the case of Chrome extensions, there is an option to enable cross-origin access.

Related Questions

Sponsored Content

20 Answered Questions

[SOLVED] Response to preflight request doesn't pass access control check

23 Answered Questions

[SOLVED] How to allow CORS?

5 Answered Questions

6 Answered Questions

[SOLVED] Is CORS a secure way to do cross-domain AJAX requests?

7 Answered Questions

[SOLVED] Sending cookies with postman

  • 2015-06-17 11:34:46
  • MiddleWare
  • 73818 View
  • 42 Score
  • 7 Answer
  • Tags:   cookies postman

10 Answered Questions

1 Answered Questions

[SOLVED] Postman mock service not accepting preflight request

1 Answered Questions

Cors issue occurs only when "put"?

1 Answered Questions

[SOLVED] Why would a cors issue occur in browser but not in Postman?

Sponsored Content