×

PRODUCTS

MRZ Scanner

See All Products

DEMOS

See All Demos

BOOK A SALES MEETING

DEVELOPERS

VISIT DEVELOPER CENTER

Use Cases

See All Use Cases

COMPANY

DOWNLOAD 30-DAY FREE TRIAL

PRICING

Log in

USE CASES

ID Scanning

Inventory Management

Client Onboarding

INDUSTRIES

Financial Services

Manufacturing

Logistics

Retail

Healthcare

Solutions

See All Use Cases

DOCUMENT SCANNING

Dynamic Web TWAIN

For web apps using TWAIN, WIA, ICA, and SANE scanners

Mobile Document Scanner

For web apps using mobile cameras

Document Viewer

For web-based PDF viewing and annotation

BARCODE SCANNING

Barcode Reader for Web

For JavaScript web apps

Barcode Reader for Mobile

For mobile native, MAUI, and React Native apps

Barcode Reader for Server/Desktop

For C / C++ / .NET / Python / Java / Node.js apps

Batch Barcode Scan

For bulk scanning of 100+ barcodes in one pass

ID SCANNING

MRZ Scanner

For passports and ID cards in web or mobile apps See All Products

DOCUMENT CAPTURE

Scan Documents from Scanners

Capture Documents from Cameras in Mobile Browsers

View and Annotate PDF

BARCODE SCANNING

Scan Barcodes from Video

Scan Barcodes from Images

Scan Barcodes on iOS

[Mobile Native]

Scan Barcodes on Android

[Mobile Native]

INTELLIGENT OCR

MRZ Scanner Web Demo

MRZ Scanner on iOS

[Mobile Native]

MRZ Scanner on Android

[Mobile Native]

BOOK A SALES MEETING

Request Trial License

Try Online Demo

Download Trial SDK

Documentation

GitHub Repo

Dev Blog

Developer center

Developer Center

Contact Us

About Us

News

Awards

Security

Customer Stories

Customer Support

Blog

Partner Program

Customer Stories

Table of contents

Documentation

Thanks for Downloading Dynamic Web TWAIN 30-Day Trial!

Your download will start shortly. If your download does not begin, click here to retry.

Error Troubleshooting

Request header field dwt-md5 is not allowed by Access-Control-Allow-Headers in preflight response

Symptom

When uploading images, the request fails with this CORS error.

Cause

dwt-md5 is a built-in header Dynamic Web TWAIN uses to validate upload integrity. Because it’s non-standard, browsers send a preflight OPTIONS request to confirm the header is allowed. If your server doesn’t allow it, the upload fails.

Solution

Allow the dwt-md5 header in your server’s CORS configuration. For IIS, add:

<system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
            <add name="Access-Control-Allow-Methods" value="OPTIONS, POST, GET, PUT" />
            <add name="Access-Control-Allow-Headers" value="x-requested-with, dwt-md5" />
            <add name="Access-Control-Allow-Credentials" value="true" />
        </customHeaders>
    </httpProtocol>
</system.webServer>

Note

After updating the server configuration file, you’ll need to restart the server (i.e. IIS).

Check out more info here

Original post creation date: Dec 03, 2021

Last modified date: Jan 21, 2026

Is this page helpful?

Yes

No

In this article: