I am creating an API and I want every single website to be able to send a GET request to /log.php?a=. The value after the a is logged to a text file. But I get:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://example.com/log.php/?a=dW5kZWZpbmVk. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
This is the log.php file:
<?php
header("Access-Control-Allow-Origin: *");
header('Access-Control-Allow-Credentials: true');
$myfile = fopen("test.txt", "w");
fwrite($myfile, $_GET['a']);
?>
Looks like the URL in the question is a bit different from the URL in the error message (in the error message there's an extra / after log.php)
Can you remove it and see what happens?