Hi there
I am using nginx and I would like to allow CORS, thus I've added:
add_header Access-Control-Allow-Origin "*";
into the domain configuration in server part.
Mozilla stopped complaining, however now Chrome tells me that there are multiple values in that header:
Access to fetch at 'https://domain.xyz/wp-json/jwt-auth/v1/token' from origin 'chrome-extension://ieeakbhnhklgbmcjgpgaahgcgaeehdmj' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values ', *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Any ideas?