With respect to a previous question, I'm still facing an issue where Content-Type doesn't seem to be sent to the preflight request, with OPTIONS enabled on the server, AND the data being populated as a json object. I've been bouncing between a HAL JSON syntax and regular JSON with the same result.
Regular json:
return $http({
url: 'http://ait.local/entity/node?_format=json',
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
data: task
});
Hal json:
return $http({
url: 'http://ait.local/entity/node?_format=hal_json',
method: 'POST',
headers: {
'Content-Type': 'application/hal+json'
},
data: task
});
Inspecting the headers in both Chrome and FF do not show Content-Type in the request headers. Here is the response:
XMLHttpRequest cannot load http://ait.local/entity/node?_format=json. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
I've already made sure that CORS is enabled on the server, in .htaccess:
<IfModule mod_headers.c>
# Disable content sniffing, since it's an attack vector.
Header always set X-Content-Type-Options nosniff
Header set Access-Control-Allow-Origin "http://localhost:8080"
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, PATCH, DELETE"
Header set Access-Control-Allow-Headers "Origin, Authorization, Accept, Content-Type, X-Requested-With"
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule .* / [R=200,L]
</IfModule>
Furthermore, if I test this in Postman, the HAL JSON has a 201 Created response and creates the entity. This leads me to believe the problem is somewhere in Angular. However, even performing the same request with jQuery results in the exact same error. If I console log the task data, it is indeed a JSON object.
Does anyone have experience working with this?
