Response to preflight request doesn't pass access control check: for node js api

Question

I am building an angular2 app with node as server,below is my api..

http://localhost:3000/api/auth/getcategories

When i called the abpove api,i got the following error in my console,

XMLHttpRequest cannot load http://localhost:3000/api/auth/getcategories. 
Response to preflight request doesn't pass access control check: 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'http://localhost:8000' is therefore not allowed access.

I am not sure about the next step to solve the above issue,can anyone suggest help......

do you host the application from the same server with the api? — Stavros Zavrakas, Oct 05 '16 at 09:20

score 0 · Answer 1 · edited May 23 '17 at 11:54

Server must return set of CORS headers. In this particular case you should add to response following header:

Access-Control-Allow-Origin: *

Of course on production environment allowing all origin hosts (*) probably is not a good idea.

If you cannot add header to server's response, you can disable checking CORS headers by running Chrome with --disable-web-security and --user-data-dir flags.

Response to preflight request doesn't pass access control check: for node js api

1 Answers1