角度4-所请求的资源上没有“ Access-Control-Allow-Origin”标头

Question

I'm trying to get some data with Spotify / Musixmatch API in my Angular 4 app but it is not working. I keep getting this error:

XMLHttpRequest cannot load http://api.musixmatch.com/ws/1.1/album.get?album_id=14250417&apikey=xyz010xyz . Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://localhost:9000 ' is therefore not allowed access.

JS

  let headers = new Headers();
    headers.append('Content-Type','application/json');
    headers.append('Accept', 'application/json');
    headers.append('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, DELETE, PUT');
    headers.append('Access-Control-Allow-Origin', '*');
    headers.append('Access-Control-Allow-Headers', "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding");
    let options = new RequestOptions({ headers: headers });
    console.log(options)
    return this.http.get(this.url + 'album.get?album_id=' + album_id + '&apikey=' + this.apikey, options)
      .map(res => res.json())
  }

Answer 1

This is the problem with browser, typically its a security concern not to allow other requests which may lead to XSS attack easily. If only for development I suggest you to install a plugin which will disable in your browser plugin

If for production, then you need to configure your API.

Answer 2

First, you have to create a file called proxy.conf.json, then put the following code { "/ restapiserver / *": { "target": "http: // localhost: 8075", "secure": false, "changeOrigin": true } }

In the service file, in the url of the rest service, delete the domain and leave the root of the service

private url: string = '/ restapiserver /';

PS: In AngularJS 4

Answer 3

Try this if not yet problem solved by setting header in js.

Add "no access control allow origin" plugin/add-on in chrome.

Yo can find here: NoAccessControlAllowOriginAddon