Here's Javascript, you can run in Dev Tools here on this page: However, this might not show the response status text or response body — so can be hard to know what went wrong. Using cURL can be simpler, see below.
corsFetch({
url: 'http:// host /-/v0/search',
POST: { searchQuery: { freetext: 'search phrase' }},
onDone: function(rsp) { logToPageAndConsole(rsp) }});
Or use cURL, in a Linux shell — here's a pre-flight request: (this is what the browser does to find out if Cross-Origin is allowed)
talkyard_server="http://localhost"
curl -v -v -X OPTIONS -H "Origin: http://localhost:8080" \
-H "Access-Control-Request-Method: GET" \
"$talkyard_server/-/v0/ping"
# Two "real" requests — try both with the right and the wrong Origin header:
curl -v -v -X GET -H "Origin: http://localhost:8080" \
"$talkyard_server/-/v0/ping"
curl -v -v -X POST -H "Origin: http://localhost:8080" \
-H 'Content-Type: application/json' \
--data '{ "searchQuery": { "freetext": "search phrase" }}' \
"$talkyard_server/-/v0/search"
# ? -H "Access-Control-Request-Headers: X-Requested-With" \
You can convert cURL to fetch(), there's: https://kigiri.github.io/fetch/, https://stackoverflow.com/questions/31039629/convert-curl-get-to-javascript-fetch
Log: (most recent first)