This subject has been asked a couple of time, but I still don't understand something:
When I read answers about
No 'Access-Control-Allow-Origin' header
issue, it says a setting should be set on the requested server in order to allow cross domain: add_header 'Access-Control-Allow-Origin' '*';
.
But, please tell me why when asking from postman (which is a client), It's working like a charm and I have a response from the requested server?
Thank you
As @Musa comments it, it seems that the reason is that:
Postman doesn't care about SOP, it's a dev tool not a browser
By the way here's a chrome extension in order to make it work on your browser (this one is for chrome, but you can find either for FF or Safari).
Check here if you want to learn more about Cross-Origin and why it's working for extensions.