-1

I'm creating a webpage with JavaScript and fetch for API requests for an internal use.

My IP is authorized on the server for API request but for the development I use the WebStorm integrated server (on localhost) so when I make a fetch request, the origin in the request headers is set to http://localhost:63342 and the request is blocked because of CORS.

I tried to edit this request in Firefox's Seveloper Tools to set the origin header to my external IP address and it worked great. However I wasn't able to edit it in the JavaScript fetch code.

The used API is Acronis and I can't add localhost, 127.0.0.1 or 192.168.1.13 to the list of authorized IP.

Is there a way to bypass this automatic header or force Firefox to use the external IP instead of the "real one" which is localhost here?

LazyOne
  • 148,457
  • 42
  • 363
  • 369
Marius ROBERT
  • 213
  • 2
  • 11
  • It would make the security feature useless if a website could tell browsers to lie about the origin of the request when accessing a third party API. If your external IP address is an allowed origin then *host the HTTP server* on that IP address. – Quentin Jun 01 '22 at 10:25

0 Answers0