
CORS issue for Ionic + express

I have created an application that fetches data from mongo/node+express, which is on a different domain (e.g. domain_name).

The code for the get function is:

    var request = $http({
        method: 'GET',
        url: 'https://domain_name.users.io/categories/list',
        withCredentials: true  /* to get the Cookie value generated at server-side */
    });

On the Express side, I have added the following code in order to avoid the CORS issue:

    res.header("Access-Control-Allow-Origin", "*");
    res.header("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,OPTIONS");
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    res.header("Access-Control-Allow-Credentials", "true");

For the above, I am getting the following error:

XMLHttpRequest cannot load https://domain_name.users.io/data/list. A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'http://localhost:8100' is therefore not allowed access.

I have checked the API "https://domain_name.users.io/data/list" and there is no issue with it, as I can see the data (when hit in the browser).

Could someone please help me with this?

Besides, * is too permissive and would defeat the use of credentials. So use https://domain_name.users.io/data/list rather than *.

You can't use * because this is part of security, and if you want to allow credentials then your Access-Control-Allow-Origin must not use *.

For more please read here.

You must set the headers:

    var request = $http({
        method: 'GET',
        url: 'https://domain_name.users.io/categories/list',
        headers: {'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'},
        withCredentials: true  /* to get the Cookie value generated at server-side */
    });

==============ON Node Side===============

    app.use(function(req, res, next) {
        res.setHeader('Access-Control-Allow-Origin', '*');
        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
        res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type, Authorization, Access-Control-Allow-Origin, Access-Control-Allow-Headers');
        next();
    });
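
An added example, not part of the question or any of the answers above: an Express-style middleware that satisfies the browser rule quoted in the error message by returning the exact requesting origin from an allowlist instead of `*`. The names `ALLOWED_ORIGINS`, `corsWithCredentials` and `simulate` are assumptions made for this sketch, and the mock request/response objects are constructed so it runs without Express installed.

```javascript
// Allowlist of origins permitted to send credentialed requests (assumption:
// only the Ionic dev origin named in the error message above).
const ALLOWED_ORIGINS = new Set(['http://localhost:8100']);

function corsWithCredentials(req, res, next) {
  const origin = req.headers.origin;

  // Caches must not reuse a response across different Origin values.
  res.setHeader('Vary', 'Origin');

  // Exact-match allowlist: never '*' and never a blind echo of Origin,
  // since with credentials that lets any site read authenticated responses.
  if (origin && ALLOWED_ORIGINS.has(origin)) {
    res.setHeader('Access-Control-Allow-Origin', origin);
    res.setHeader('Access-Control-Allow-Credentials', 'true');
    res.setHeader('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
    res.setHeader('Access-Control-Allow-Headers',
      'Origin, X-Requested-With, Content-Type, Accept');
  }

  // Answer the preflight here; a disallowed origin gets no CORS headers,
  // so the browser refuses the cross-origin read.
  if (req.method === 'OPTIONS') {
    res.statusCode = 204;
    res.end();
    return;
  }
  next();
}

// Minimal constructed stand-in for req/res so the middleware can be exercised.
function simulate(method, origin) {
  const headers = {};
  let nextCalled = false;
  const res = {
    statusCode: 200,
    setHeader(name, value) { headers[name.toLowerCase()] = value; },
    end() {},
  };
  const req = { method, headers: origin ? { origin } : {} };
  corsWithCredentials(req, res, () => { nextCalled = true; });
  return { headers, status: res.statusCode, nextCalled };
}

console.log(simulate('GET', 'http://localhost:8100').headers);
console.log(simulate('GET', 'https://untrusted.example').headers);
```

In an Express app the function would be registered with `app.use(corsWithCredentials)` before the routes.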

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.