1

I am trying to hit an https based API, which is successfully working in POSTMAN and other REST client, but not in my AngularJS app.

Following is the code -

var req = {
    method: 'POST',
    url: 'https://agXXXXX.com/api/contact/',
    headers: {
        'Content-Type': undefined
    },
    data: user,
    withCredentials: true
};
$http(req)
    .then(function(data){
        console.log("--Data--");
        console.log(data);
    })

After following few stack CORS related article, I also included this in .config(), but no luck -

$httpProvider.defaults.useXDomain = true;
$httpProvider.defaults.headers.common = {Accept: "application/json, text/plain, */*"};
$httpProvider.defaults.headers.post = {"Content-Type": "application/json;charset=utf-8"};

Following is the error I am facing -

Cors Error

Let me know what I am doing wrong, or missing here.

Improve this question
10
  • 1
    The browser is not going to let your JavaScript code access that URL unless its server is responding with the access control header that would allow it to do so. Commented Sep 13, 2015 at 9:19
  • I don't think you can use $http if its a https call. Test it out by keeping your code the same but try hitting an open source http. Commented Sep 13, 2015 at 9:20
  • @JoeLloyd it's not an http vs. https issue unless the origin domain is the same, and the page attempting the access is not http but the service is. Commented Sep 13, 2015 at 9:22
  • @Pointy Please check the screenshot as Server is responding with the Access-Control-Allow-Origin header Commented Sep 13, 2015 at 9:22
  • @JoeLloyd It is not a case of http Commented Sep 13, 2015 at 9:23

2 Answers 2

Reset to default
0

If you just need test your app you can use this chrome plugin:

https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi

But if you need this in production, you need config your server. If you are using SPRING:

HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST,PUT, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", "Authorization,Content-Type");
        chain.doFilter(req, res);
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

That will not help if the server won't accept cross-domain requests.
@Ivan are you sure that the plugin will help me as I previously mentioned that I am going to hit the API successfully from POSTMAN/ REST client ?
Yes, i am sure. But this isnt a solution, just a patch. You need config your server
0

You should add in your server code headers to enable cors.

in this site you could read about it, and get code to implement it depending on the language in your backend:

http://enable-cors.org/

Improve this answer

2 Comments

TL;DR Can you please check the screenshot and let me know which header is missing ?
Hmm. it seems like you added that header. maybe you added it with a typo?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.