It seems the API responses do not include the CORS allow origin header.
The OPTIONS response does though.
Is this expected behavior?
Firefox screenshot
Sample code:
searchForm.onsubmit = _ => searchOfficer(searchForm.querySelector("input").value);
function searchOfficer(input) {
fetch(`https://api.company-information.service.gov.uk/search/officers?q=${input}`, {
headers: {
"Authorization": "basic REDACTED"
},
}).then(r => alert(Object.keys(r)))
return false
}