V
V
Vitaly2016-02-18 19:00:29
JavaScript
Vitaly, 2016-02-18 19:00:29

Why does the browser swear when post request?

All the best.
I am writing a small application in Angular and Node.
I noticed an interesting thing, when sending POST requests to my node server, the browser gives an error:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' localhost:8100 ' is therefore not allowed access.
Although I set the headers correctly:

res.header('Content-Type', 'application/text');
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'POST,GET');
res.header('Access-Control-Allow-Headers', 'origin, content-type, accept');

But if you send a GET request, then everything is OK, no errors.
Tell me how to make POST requests go through?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
_
_ _, 2016-02-18
@AMar4enko

These headers must be sent in response to any type of http request, not just GET

D
Dmitry Belyaev, 2016-02-18
@bingo347

Some browsers don't properly accept an asterisk in Access-Control-Allow-Origin
. Write a specific host in this header, or substitute it from req.headers.host to accept any host.
You can also try midleware cors

M
MNB, 2016-02-18
@MNB

Before the post, the client sends an OPTION
or remove Access-Control-Allow-Methods altogether,
then all methods will be available
You can read here https://en.wikipedia.org/wiki/Cross-origin_resource...

V
Vitaliy, 2016-02-18
@Scorpiored88

And so:
req.headers.host - does not work, because it does not even reach this point.
When sending a request, the server log shows only:
It also doesn't help
and even if I remove this parameter
and even if when sending a POST request on the client side I add
{headers: { 'Access-Control-Allow-Origin': '*'}}

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question