Why does the browser swear when post request?

V

Vitaly2016-02-18 19:00:29

JavaScript

Vitaly, 2016-02-18 19:00:29

All the best.
I am writing a small application in Angular and Node.
I noticed an interesting thing, when sending POST requests to my node server, the browser gives an error:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' localhost:8100 ' is therefore not allowed access.
Although I set the headers correctly:

res.header('Content-Type', 'application/text');
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'POST,GET');
res.header('Access-Control-Allow-Headers', 'origin, content-type, accept');

But if you send a GET request, then everything is OK, no errors.
Tell me how to make POST requests go through?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

_

_ _, 2016-02-18
@AMar4enko

These headers must be sent in response to any type of http request, not just GET

D

Dmitry Belyaev, 2016-02-18
@bingo347

Some browsers don't properly accept an asterisk in Access-Control-Allow-Origin
. Write a specific host in this header, or substitute it from req.headers.host to accept any host.
You can also try midleware cors

M

MNB, 2016-02-18
@MNB

Before the post, the client sends an OPTION
or remove Access-Control-Allow-Methods altogether,
then all methods will be available
You can read here https://en.wikipedia.org/wiki/Cross-origin_resource...

V

Vitaliy, 2016-02-18
@Scorpiored88

And so:
req.headers.host - does not work, because it does not even reach this point.
When sending a request, the server log shows only:
It also doesn't help
and even if I remove this parameter
and even if when sending a POST request on the client side I add
{headers: { 'Access-Control-Allow-Origin': '*'}}