Cross Origin Requests - Why?

Asked Mar 31 '16 at 09:29

Active Mar 31 '16 at 09:29

Viewed 26 times

I am working through a book on MEAN web development. It has several example apps. And at the beginning of each one it has me add the following code in the serve.js main app file that has all the routes and whatnot, but it never explains why. Can someone shed some light?

app.use(function (req, res, next) {
  res.setHeader('Access-Control-Allow-Origin', '*');
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST');
  res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type, \Authorization');
  next();
});

asked Mar 31 '16 at 09:29

Taylor Huston

1,104
3
15
31

1

http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work?rq=1 – Meirion Hughes Mar 31 '16 at 09:34
use of `*` is disallowed in case of authentication. – techie_28 Mar 31 '16 at 09:42

Cross Origin Requests - Why?

0 Answers0