Access to fetch at ‘https://api-nile.tfl.gov.uk/Line/piccadilly/arrivals’ from origin ‘redacted because I can only include 2 links in my post’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: It does not have HTTP ok status.
Other Information
After years of my site working happily without much input from me it has stopped working and I don’t know why. I installed an SSL certificate last month but that didn’t cause any problems that I’m aware of. I suspect a recent change to the API has caused the problem but I can’t find any details. I think I’ve narrowed the problem to CORS and created the above link to test that. Does anyone know if there’s anything I can do to fix this?
After further testing I can see I have a curl error “Could not resolve host: api.tfl.gov.uk”. I suspect the issue may be connected to my SSL certificate and their DNS but I’m out of my depth with that. Anyone have any suggestions to try?
This error typically arises when a web application makes a request to a different domain (in this case, api-nile.tfl.gov.uk.) and the server does not allow this cross-origin request. Since you mentioned a potential DNS issue and recent SSL certificate installation, try verifying that your SSL certificate is properly configured and added.
You can also try checking for any API changes/updates in api-nile.tfl.gov.uk which may break something related in your site, or a misconfiguration.
If nothing else works, try contacting @Admin or IF Support.
The error messages say that the API from tfl.gov.uk did not respond successfully, or could not be found at all. That’s not a problem with your website, but rather with the API you’re calling.
Either TFL’s API is broken or down, or perhaps you’re using it incorrectly from your website code. But regardless, your hosting is working fine.
The error messages look like browser errors too, not server errors. So even if we were to block access to the TFL APIs from our hosting (which we don’t), then it wouldn’t matter because the connection is made from people’s browsers, not the server.
Remember that the CORS settings on your website only apply when other websites try to interact with your website. If you are trying to interact with other websites, then the CORS settings of that other website control whether your website can interact with it.