Join 34,000+ subscribers and receive articles from our blog about software quality, testing, QA and security.

Making Ajax API call from other domain's web page



We want to pull Testrail data onto a Confluence page. I’ve setup the Testrail Apache to return the header:

Access-Control-Allow-Origin: *

And, I am currently logged-in to our Testrail instance in another browser tab.

But, when I run a test Ajax call from the console for the Confluence page, it fails with:

$.ajax(“”, {
type: “GET”,
contentType: “application/json”,
}).done(function(d, s, x) {;
}).fail(function(data, failResult, status) {
var msg = "Error! Error details: status = " + status + “/” + data.status + ", message = " + failResult.message;;

OPTIONS httXp:// 400 (Bad Request)
Access to XMLHttpRequest at 'httXp://
=1553712334899’ from origin ‘http://localhost:1990’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: It does not have HTTP ok status.

What am I doing wrong?


P.S. httXp because this site spam control is being triggered.



Sorry, I pasted the wrong URL and error above (tried so many things). I edited the original post.