No Access-Control-Allow-Origin header, but it is

Question

I'm using AngularJS in the front-end, PHP in the back-end, and Yeoman during developing (with the angular-generator).

I'm getting the following error when trying to make an AJAX request through the $http service:

XMLHttpRequest cannot load 
https://someweb.com/some/path/app/scripts/php/getSomething.php?term=someParticularValue. 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'http://localhost:9000' is therefore not allowed access.

However, the headers are properly set in the PHP side, and actually I don't have any cross domain problem at all when trying to type the URL directly in the browser (I get the JSON I am expecting, and when look at the headers via the Chrome DevTools everything looks right).

The AJAX call in Angular looks like this:

$http.get(phpBaseUrl + 'getSomething.php', {
    params: { term: someValue }
})
.then(function (res) {
    // Do something with res.data ...
});

I also tried the same code with Firefox, since I read that there can be some problems in Chrome. I'm using Linux (Ubuntu 14.04).

I'm a bit desperate, because for each single character I change, I have to upload the files to the server if I want to check if the new thing is working, which actually takes me about between 1 and 2 minutes. I'm not being productive at all!

Any ideas about the root of the problem?

Thank you so much in advance.

Answer 1

To use CORS within Angular, we need to tell Angular that we're using CORS. We use the .config() method on our Angular app module to set two options.

1. We need to tell Angular to use the XDomain and

2. We must remove the X-Requested-With header from all of our requests

    angular.module('myApp') .config(function($httpProvider) { $httpProvider.defaults.useXDomain = true; delete $httpProvider.defaults.headers .common['X-Requested-With']; }); 

Answer 2

You should not need anything on angular side, it is the php side that should config CORS. ps browser does not have cors issue always

Answer 3

Good news, I managed to solve it! I come back just to share what was the problem, if this could be helpful for anybody else.

The thing is that I am working inside of quite a big network and I don't understand all his points. The problem was: the X-Domain problem seemed to be in the PHP files I was called (that was the browser said -- in fact this files sent the proper headers already, and I hadn't to modify them). But this was not true; the real X-Domain problem was produced by another file (probably not PHP, I don't know) which implements a necessary login system. I was being redirected to this "hidden" file under the hood each time I try to make a request to the first one. The "hidden" file, which I don't control, hasn't the proper headers to allow X-Domain calls, of course, so that's why my calls didn't succeed.

So, the only thing I needed to do was tell the suitable person to change the network properly, to avoid this problem caused by the redirect. Indeed I think that he removed the redirect.

Sorry for keep you thinking in vain, and thank you for your tries.