Hi,
I'm having a problem with authentication. I want to have token validation by login in my Angular app, but when I make post request, it keeps sending option method (preflight request) and I get 404 error with "The Same Origin Policy disallows reading the remote resource...Reason: CORS preflight channel did not succeed). In Postman it works just fine and I have no problem getting session id there. Does this sound familiar?
Не можете найти фильм или сериал? Войдите на сайт, чтобы добавить его.
Хотите поставить оценку или добавить в список?
Нет аккаунта?
Ответ от Travis Bell
, 16 августа 2018 в 11:21
What's an example pre-flight request that is failing? Most of them should be hooked up, so I would like to see which specifically is being called.
Ответ от Eli0
, 16 августа 2018 в 11:56
This is a security rule employed by most most moderns browsers in the CORS definition.
Basically, the OPTION preflight request will apply if :
(I assume that your request is a POST with the content-type set to application/xml or application/json)
But it's not a problem, it's a safety measure. You just have to configure your server to respond to OPTION request with a status 200 and a header "Access-Control-Allow-Origin: *"
What is your backend setup ?
Ответ от dankesn
, 16 августа 2018 в 12:40
This is my post request
It sends pre-flight request, but it's not clear to me what should I do and is there a way to solve this without proxy and is this desirable behavior?
Ответ от Travis Bell
, 16 августа 2018 в 13:02
OPTIONS
is enabled on most (was supposed to be all ) endpoints but indeed, it was not enabled on the/3/authentication
endpoints. I have a deploy going out later today that will enable it. I'll let you know when it's live.Ответ от dankesn
, 16 августа 2018 в 13:15
Thank you very much for clarification and your help! ;)
Ответ от Travis Bell
, 17 августа 2018 в 17:25
OPTIONS should be enabled now on the
/3/authentication
methods. Let me know if you run into any more trouble.Ответ от dankesn
, 17 августа 2018 в 18:10
Thanks Travis! ;-)