services.odata.org/TripPinRESTierService ::: The server is incorrectly responding with two Access-Control-Allow-Origin

[shlomo7492]

It works with Postman and in browsers, but when using it in my js code to fetch data with fetch api or axios it throws error:

Access to fetch at 'https://services.odata.org/TripPinRESTierService/(S(negfbklwt4uhmeegv0o43zyh))/People' from origin 'http://127.0.0.1:5500' has been blocked by CORS policy: Response to preflight request doesn't pass access control check

The 'Access-Control-Allow-Origin' header contains multiple values '*, ', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

[mikepizzo]

Weird -- I thought we fixed this.

[mikepizzo]

It looks like this was fixed and pushed to staging, but not pushed to production awaiting additional preflight work.

@shlomo7492 -- Can you confirm that https://services.odata.org/Trippin_Staging/People behaves correctly? That will help us determine whether the fix is good to push to production.

[happpystory]

@mikepizzo I can confirm that it behaves correctly.