We are moving our forum in GitHub Discussions. For questions about Phalcon v3/v4 you can visit here and for Phalcon v5 here.

APi Rest

Hello everyone, everything good? I have been with this problem for 3 weeks and I don't know what else to do, I tried to work on apache, I tried everything on phalcon, I tried everything on reactjs where it is my front end and nothing solved. can anyone help me?

Any method I try to query my api (made in phalcon php micro) by postman returns me the correct results, in all methods (GET, DELETE, POST, PUT)

xhr.js:166 OPTIONS https://localhost/b9Back/v1/api/projetos/2 404 (Not Found)

Access to XMLHttpRequest at 'https://localhost/b9Back/v1/api/projetos/2' from origin 'https://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

Being that GET method I can consult the api.

I'm trying to update a user with PUT method, follow my put method code

    function ($id) use ($app) {
        $record = Projetos::findFirst($id);
        $record->nome = $app->request->getPut('nome', 'string', '');
        $record->tipo_projeto = $app->request->getPut('tipo_projeto', 'string', '');
        $record->descricao = $app->request->getPut('descricao', 'string', '');
        $record->prioridade = $app->request->getPut('prioridade', 'string', '');
        $record->info_uteis = $app->request->getPut('info_uteis', 'string', '');
        $record->inicio_projeto = $app->request->getPut('inicio_projeto', 'string', '');
        $record->termino_estimado = $app->request->getPut('termino_estimado', 'string', '');
        $record->inicio_real = $app->request->getPut('inicio_real', 'string', '');
        $record->termino_real = $app->request->getPut('termino_real', 'string', '');
        $record->tempo_estimado = $app->request->getPut('tempo_estimado', 'string', '');
        $record->tempo_gasto = $app->request->getPut('tempo_gasto', 'string', '');
        $record->valor_disponivel = $app->request->getPut('valor_disponivel', 'string', '');
        $record->valor_gasto = $app->request->getPut('valor_gasto', 'string', '');

        $result = $record->save();

        if (false === $result) {
            $error = [];
            foreach ($record->getMessages() as $message) {
                $error[] = $message->getMessage();

            $payload = [
                'status' => 'error',
                'data' => $error,
        } else {
            $payload = [
                'code' => 200,
                'status' => 'OK',
                'payload' => $record->toArray()

        $response = $app->response;

Here is my PUT request across the front using Reactjs with Axios:

sync function salvarProjeto(id) {
    const response = await api.post(`/projetos/${id}`, {
      data: {
        nome: nNome, 
        tipo_projeto: nTipoProjeto, 
        descricao: nDescricao,
        prioridade: nPrioridade,
        info_uteis: nUteis,
        inicio_projeto: nInicioEstimado,
        termino_estimado: nTerminoEstimado,
        inicio_real: nInicioReal,
        termino_real: nTerminoReal,
        tempo_estimado: nTempoEstimado,
        tempo_gasto: nTempoGasto,
        valor_disponivel: nValorDisponivel,
        valor_gasto: nValorGasto

   if(response) {

Front and Back are localhost, I tried to put a VPS the back but I have the same problem


I have a hunch that the port difference is triggering the CORs. What does your current .htaccess file look like, under your API project?

Try adding the following:

Header set Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

In more official environments (production), you'll want to replace * with something more specific. As * is a wildcard.