I keep being hit by this issue when trying to configure my IPFS node to allow programmatic access to the API.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:5001/api/v0/add?stream-channels=true. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
The answer is to configure the API permissions of the IPFS configuration.
ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '[\"*\"]' ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '[\"PUT\", \"GET\", \"POST\"]'
IMPORTANT: After making any configuration changes you need to restart the IPFS daemon in order for the new settings to take effect
I had gone wrong as I had been trying to change the GATEWAY.HTTPHeaders instead of API. I also didn’t realise I needed to restart the daemon.