stackoom
  简体   繁体   中英

Still having “No 'Access Control Allow Origin' header is present on the requested resource” error after adding Access-Control-Allow-Origin: *

 原文  2016-11-30 07:15:11       javascript/ angularjs/ web-services/ api/ cors

Question

I know this was tackled so many times before. But I can see on the response that there is Access-Control-Allow-Origin on the header already.

This is my request code: 

 var req = { method: 'POST', url: "integration-api.domain.com/login", headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'X-AN-WebService-IdentityKey': identitykey, 'X-AN-WebService-CustomerAuthToken': customerAuth, 'X-AN-WebService-CustomerTransientToken': transientToken, 'Cache-Control': 'no-cache' }, data: datatopass }; console.log(datatopass); return $http(req).then(function(response){ console.log(response); return response.data; }, function(err) { console.log(err); return err; });

This is the request header when viewing on chrome:

Accept : /
Accept-Encoding :gzip, deflate, sdch, br
Accept-Language :en-US,en;q=0.8
Access-Control-Request-Headers :x-an-webservice-identitykey
Access-Control-Request-Method :POST
Cache-Control :no-cache
Connection :keep-alive
Host :integration-api.domain.com
Origin : http://OriginDomain
Pragma :no-cache
Referer : http://OriginDomain/apitest/
User-Agent :Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36

Then the preflight response is:

Access-Control-Allow-Headers :x-an-webservice-identitykey, origin, content-type, x-an-webservice-customerauthtoken, x-an-webservice-deviceauthtoken,x-an-webservice-customertransienttoken,x-an-webservice-version
Access-Control-Allow-Origin :*
Date:Wed, 30 Nov 2016 06:56:50 GMT

Does the server needs to add Access-Control-Allow-Method or any other headers on the response or do I need to add something on my code?

I'm using angular.js to call an $http call to the url

1 answers

solution1
 0  2016-11-30 07:18:08

You need to allow method types as well 

"Access-Control-Allow-Origin", "*";
'Access-Control-Allow-Methods', 'OPTIONS,GET,PUT,POST,DELETE";
"Access-Control-Allow-Headers", "X-Requested-With, Content-Type";

Please see this answer. Response to preflight request doesn't pass access control check in NodeJS

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Error No 'Access-Control-Allow-Origin' header is present on the requested resource No 'Access-Control-Allow-Origin' header is present on the requested resource error Javascript - No 'Access-Control-Allow-Origin' header is present on the requested resource No 'Access-Control-Allow-Origin' header is present on the requested resource Angular 4 - No 'Access-Control-Allow-Origin' header is present on the requested resource NodeJs No 'Access-Control-Allow-Origin' header is present on the requested resource Access-Control-Allow-Origin header is present on the requested resource No Access-Control-Allow-Origin header is present on the requested resource .htaccess XMLHttpRequest No 'Access-Control-Allow-Origin' header is present on the requested resource Access-Control-Allow-Origin header is not present on the requested resource
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM