无法加载“端点”：在飞行前响应中，Access-Control-Allow-Headers不允许请求标头字段If-Modified-Since

Question

I have created one API service using nodejs and it is working fine when I accessing through the browser. But when I'm try to call it from web application (MEAN app), getting the "Failed to load http://localhost:2020/api/posts : Request header field If-Modified-Since is not allowed by Access-Control-Allow-Headers in preflight response" issue.

Following code is added in index.js of the API service.

    // Add headers
    app.use(function (req, res, next) {

    // Website you wish to allow to connect
    res.setHeader('Access-Control-Allow-Origin', '*');

    // Request methods you wish to allow
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');

    // Request headers you wish to allow
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');

    // Set to true if you need the website to include cookies in the requests sent
    // to the API (e.g. in case you use sessions)
    res.setHeader('Access-Control-Allow-Credentials', true);

    // Pass to next layer of middleware
    next();
});

and added following lines in controller of the web app,

app.config(["$routeProvider", "$httpProvider", function ($routeProvider, $httpProvider) {
    $httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = '*';
}
]);

But no luck for added the above lines. How to resolve this issue ?

Thanks.

Answer 1

You need to add If-Modified-Since to Access-Control-Allow-Headers in your server code:

res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type,If-Modified-Since');

Also the part where you touch HTTP header on client seems useless to me, I don't think you can do anything with that.