How to stop a "preflight has invalid HTTP status code 500" error?

0
votes

I am trying to connect to the yelp API. Using Vue and Axios. I am unable to connect. I am getting error:

XMLHttpRequest cannot load https://api.yelp.com/v3/businesses/search?location=sarnia&limit=50. Response for preflight has invalid HTTP status code 500

Here is my code:

new Vue({
  el: '#app',
  data: {
      businesses: []
  },

  // Logic Methods

      mounted() {
          var app = this;
          var url = 'https://api.yelp.com/v3/businesses/search?location=sarnia&limit=50';
          var config = {
              headers: {
                  "Cache-Control": "no-cache",
                  'Content-Type': 'application/x-www-form-urlencoded',
                  "Access-Control-Allow-Origin": '*',
                  "Access-Control-Allow-Methods": 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
                  "Access-Control-Allow-Headers": 'Origin, Content-Type, X-Auth-Token, Accept',
                  "Access-Control-Max-Age": "1728000",
                  'Authorization': 'MyAccessCode'
              }
          };

          axios.get(url, config)
            .then(function(response) {
                console.log(response.headers);
                console.log(response);
                app.businesses = response.data
            })
            .catch(function(error) {
                app.businesses = "ERROR"
            })
  }
})

I am assuming this is something to do with CORS but I am unsure how to solve this. I have the CORS Chrome plugin to enable and have all the headers. Can I get any insight on what the problem can be and how to fix it? Is this something on yelp's behalf?

1
javascripthttpaxios

1 Answers

4
votes

First things first. The headers you are passing to your request are not meant as request headers:

"Access-Control-Allow-Origin": '*',
"Access-Control-Allow-Methods": 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
"Access-Control-Allow-Headers": 'Origin, Content-Type, X-Auth-Token, Accept',
"Access-Control-Max-Age": "1728000",

As you can see here they should be used by the server in a response to specify CORS rules. So there is no positive effect by putting them in a request - in fact might be even what's causing the issue (although it should be a 4xx error).

Secondly, the preflight request receiving a 500 typically means that the server has some issue dealing with the request you're making and there is nothing you can do to fix it (in theory). In practice however APIs may often give 500 errors when some request you make is wrong, and by changing it you can obtain a success (wrong implementation but often seen in practice).

You should look into more info regarding the error - start simple (e.g. using Postman or a simple HTTP tool) by providing the minimum of info (e.g. POST https://api.yelp.com/v3/businesses/search?location=sarnia with your Authorization header only). If successful, add more of the stuff you're actually using (params, different content-type, etc) to see when you get an error.

You can test this way the API itself bypassing Vue, axios and the browser which may change the requests you make. This way you can find out the source of the problem. Again, it's most likely an issue with the server, but just might be caused by something specific in your client's requests.

Good luck!