1

HI I have an Angular Aplication that consume from a REST API in NodeJS both are deploy in IIS server, from Node I am using IISNode.

I am getting the error XMLHttpRequest cannot load http://181.49.53.186:8006/DynamicContent/form/list. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://web.procesosyservicios.info:3006' is therefore not allowed access. only in production version in developer version never get the error. The strange is that no get the error always for example with the previous method I get the error only 2 o 3 times for each 10 calls.

My app.js file have the following configuration:

router.use(function(req, res, next) {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Methods', 'GET, POST');
  res.header('Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Authorization');
  next();
});

Alternative I delete the previous lines and define the same in my web.coonfig file like this:

<httpProtocol>
    <customHeaders>
        <add name="Access-Control-Allow-Origin"  value="*" />
        <add name="Access-Control-Allow-Methods" value="GET,POST" />
        <add name="Access-Control-Allow-Headers" value="X-Requested-With,content-type,Authorization" />
    </customHeaders>
</httpProtocol>

but the result is the same only work sometimes. I don't have idea about what can be the error.

thanks for the help

SOLUTION

In my case the solution was change my web.config file following this configuration and adding this lines: 

<httpProtocol>
    <customHeaders>
        <add name="Access-Control-Allow-Origin"  value="*" />
        <add name="Access-Control-Allow-Methods" value="GET,POST" />
        <add name="Access-Control-Allow-Headers" value="X-Requested-With,content-type,Authorization" />
    </customHeaders>
</httpProtocol>
oriaj
  • 768
  • 1
  • 16
  • 33

1 Answers1

0

Problems with Cross Domain Ajax requests are fairly common for developers.

The best way to resolve this problem is by adding a header to the response object from the server side.

Here is a blog that does explain this in a great amount of detail. It also includes some server side code. In c# the way to add header is by the following statement.

Response.AddHeader("Access-Control-Allow-Origin", "mydomain.com");
Response.ContentType = "application/json";

You can also include a * instead of the mydomain.com but it defeats the whole purpose of the security measure that does the blocking of such requests.

Hope that helps.

Thanks

Paras

pparas
  • 549
  • 4
  • 13
  • Hi @pparas thanks for your answer; sorry but I can see the link to the blog. respect to the solution I try with two diferent methods to add the headers. In my server in my app.js file and in web.config file (the code that use can check in the question); but with both get the same error. – oriaj May 18 '16 at 17:06