javascript - AngularJS with NodeJS GET request fails - "Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers" -
i've been looking around similar questions in search of answer can't find it. have node.js server express:
app.use(function(req, res, next) { res.header("access-control-allow-origin", "*"); res.header("access-control-allow-methods", "get, post, options"); res.header("access-control-allow-headers", "origin, x-requested-with, content-type, accept, access-control-allow-headers"); next(); }); app.use(express.static(__dirname+'/assets')); app.use(bodyparser.json()); app.get('/', function(req, res, next) { res.sendfile(__dirname + '/public/index.html'); });
and angularjs working requests rest api. they're triggered keyup events in searchform. app.config:
app.config(function ($httpprovider) { $httpprovider.defaults.headers.common['access-control-allow-headers'] = 'authorization, access-control-allow-headers'; $httpprovider.interceptors.push('tokeninterceptor'); });
... , request code itself:
$scope.requestmovies = function() { $http.get('http://www.omdbapi.com/?s=' + $scope.titletosearch + '&type=movie&r=json') .success(function(data, status, headers, config) { $scope.movies = data.search; }) .error(function(data, status, headers, config) { alert("no movie found"); }); };
this worked fine until added authentication project (hence interceptor), , since invariably error message
xmlhttprequest cannot load http://www.omdbapi.com/?s=darkmovie&type=movie&r=json. request header field access-control-allow-headers not allowed access-control-allow-headers.
even though did authorize headers both in front , end. same thing happens in firefox in chrome. doing wrong?
update
forgot post tokeninterceptor service:
app.service('tokeninterceptor', function($q, $window, $location, authenticationservice) { return { request: function (config) { config.headers = config.headers || {}; if ($window.sessionstorage.token) { config.headers.authorization = 'bearer ' + $window.sessionstorage.token; } return config; }, requesterror: function(rejection) { return $q.reject(rejection); }, /* set authentication.isauthenticated true if 200 received */ response: function (response) { if (response !== null && response.status == 200 && $window.sessionstorage.token && !authenticationservice.isauthenticated) { authenticationservice.isauthenticated = true; } return response || $q.when(response); }, /* revoke client authentication if 401 received */ responseerror: function(rejection) { if (rejection !== null && rejection.status === 401 && ($window.sessionstorage.token || authenticationservice.isauthenticated)) { delete $window.sessionstorage.token; authenticationservice.isauthenticated = false; $location.path("/"); } return $q.reject(rejection); } }; });
although still fail see what's wrong. suppose way check authorization token sent server everytime angular view changed.
change last 1 to
res.header('access-control-allow-headers', 'origin, x-requested-with, content-type, accept');
Comments
Post a Comment