All geek questions in one place

AngularJS disables CORS?

Maybe something is missing me completely, but I have a server running locally and have not configured Angular to use CORS requests for $ http. When I make an HTTP request to localhost: <port> , I see that it first creates an OPTIONS request.

Because I need to support IE 8 - and AngularJS will definitely not work there with CORS - I need to remove CORS.

I tried to set the POST method directly without using the $http.post wrapper, but to no avail. Perhaps this is due to https://github.com/angular/angular.js/issues/1585

I also tried calling jQuery ajax post directly from the controller - even with the CORS option as false (because it was true by default). It still creates a CORS request.

What is the configuration for this?

+5
source share
1 answer

CORS is the result of your url request, not any configuration you can set. If your origin does not match the url protocol / domain / port request, you will receive a CORS request - no exceptions.

For example, with the source http://www.example.com:8080 :

This is a CORS request: http://example.com:8080/path.json (another subdomain)

This is a CORS request: http://www.example.com/path.json (other port)

This is a CORS request: https://www.example.com:8080/path.json (another protocol)

This is NOT a CORS request: http://www.example.com:8080/path.json (protocol, domain and port are at the beginning)

In this case, the OPTIONS request occurs because you have a header outside the standard headers (most likely, your request has an X-Requested-With header). In Angular.js, you can remove this with:

 angular.module('yourModuleHere') .config(function ($httpProvider) { delete $httpProvider.defaults.headers.common['X-Requested-With']; });

Note that for Angular.js 1.2 and later, X-Requested-With is not in the list of standard headers by default. You do not need to remove it from the list.

+19
source

Source: https://habr.com/ru/post/971690/

More articles:


All Articles