I am running an ionic application on http: // localhost: 8100 that connects to my express server running on http: // localhost: 3000 .
As usual, I ran into the CORS problem. disabling websecurity in chrome did not help.
The error that occurs in chrome reports:
(index):1 XMLHttpRequest cannot load http://localhost:3000/auth/facebook.
Response to preflight request doesn't pass access control check:
Credentials flag is 'true',
but the 'Access-Control-Allow-Credentials' header is ''.
It must be 'true' to allow credentials.
Origin 'http://localhost:8100' is therefore not allowed access.
Remote Address:[::1]:3000
Request URL:http://localhost:3000/auth/facebook
Request Method:OPTIONS
Status Code:200 OK
Response Headers
view source
Access-Control-Allow-Headers:accept, content-type
Access-Control-Allow-Methods:POST
Access-Control-Allow-Origin:http://localhost:8100
Access-Control-Max-Age:31536000
Connection:keep-alive
Content-Length:2
Content-Type:text/plain; charset=utf-8
Date:Wed, 04 Nov 2015 02:25:07 GMT
ETag:W/"2-d736d92d"
X-Powered-By:Express
Request Headers
view source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
DNT:1
Host:localhost:3000
Origin:http://localhost:8100
Referer:http://localhost:8100/
First question: I do not see Access-Controll-Allow-Credentials flags in request headers, then why chrome complains
Second question: I tried using the CORS express module, but that did not help. How to solve this problem?
source
share