Error Response > to preflight request doesn't pass access control check: The value of > the 'Access

Picture: https://imgur.com/enPQYNb

I want to test my in chrome extension and get data from api. When I’m logged in to the web I check in the network tab, which returns me request url in headers, example: https: // beta.application.com / api / v1 / projects /. Is it possible for me to refer to this url in my app?

In console.log I have error

Failed to load resource: the server responded with a status of 401 (Unauthorized)

Access to XMLHttpRequest at ‘https://beta.application.com/api/v1/projects’ from origin ‘chrome-extension://…’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

Network Error at createError (webpack-internal:///./node_modules/axios/lib/core/createError.js:16) at XMLHttpRequest.handleError (webpack-internal:///./node_modules/axios/lib/adapters/xhr.js:87)

Example:

email: john.asd@gmail.com

password: aZdfgHkL12

In local.storage I have access to token Example: `{access_token:" 111111111111111111 "}

Can I copy this token and use it in my app in React?

I’m trying to do it:

 componentDidMount(){const token ='111111111111111111';//token from local.storage /\*const hash = Base64.encode(token); const Basic = 'Basic ' + hash;\*/const username='john.asd@gmail.com';const password='aZdfgHkL12'const url="https://beta.application.com/api/v1/projects/"; axios.get axios({"url": url,"withCredentials":true,"method":"GET","headers":{'Authorization':`Bearer ${token}`},"auth":{ username: username, password: password }}).then(response =\>{this.setState({ projects: response });}).catch(error =\>{ console.log('error');})}

manifest.json

{"name":"demo","background":{"page":"background.html"},"browser\_action":{"default\_popup":"popup.html","default\_icon":"icon.png"},"icons":{"128":"icon2.png"},"permissions":["https://\*/","http://\*/"],"version":"1.0","manifest\_version":2,"content\_security\_policy":"script-src 'self' 'unsafe-eval'; object-src 'self'"}