Verify CORS settings using curl
The https://www.example.com has to be the actual host name of the website The http://localhost:8080/my-api should be the API URL that serves the data The value of Access-Control-Request-Method can be GET or PUT or POST or DELETE based on the http methods supported by the API URL curl -I -X OPTIONS -H "Origin: https://www.example.com" -H 'Access-Control-Request-Method: GET' "http://localhost:8080/my-api" 2>&1 | grep -i 'Access-Control-Allow-Origin'