0

I am calling the url from server side language using nodejs. When i use that url on the client side, I am getting the CORS error. If I use POSTMAN then i am getting the reponse. I have searched through various forums and questions on Stack Overflow and I can't seem to find any solution to this. It would be appreciated if someone could provide some insight.

app.controller('Ctrl',['$scope','$http', function($scope,$http) {
 var config = {
    headers: {'Access-Control-Allow-Origin': 'https://developer.mozilla.org'}
    }
        $http({
                url: 'http://localhost:8000/psp/getbank',
                method: 'GET',
            })
            .then(
                function successCallback(response) {
                    $scope.cspinfo = response.data;
                    console.log('Data Displayed successfully')
                },
                function errorCallback(response) {
                    console.log("Error:" + response.data)
            })
        }]);
Rakesh Chand
  • 3,105
  • 1
  • 20
  • 41
SRK
  • 163
  • 2
  • 18
  • Possible duplicate of [AngularJS performs an OPTIONS HTTP request for a cross-origin resource](https://stackoverflow.com/questions/12111936/angularjs-performs-an-options-http-request-for-a-cross-origin-resource) – Ved Feb 06 '18 at 07:38
  • are you using any server or just running index.html ? – Rakesh Chand Feb 06 '18 at 07:38
  • i am using node server @Rakeschand – SRK Feb 06 '18 at 07:40
  • 1
    check this link to how to allow Cors https://stackoverflow.com/questions/7067966/how-to-allow-cors – Hrishikesh Kale Feb 06 '18 at 07:44
  • yeah but that server is for backend right, how are you serving frontend app ? – Rakesh Chand Feb 06 '18 at 07:45
  • By calling the API. I got the solution for my question. Thanks @Rakeschand – SRK Feb 06 '18 at 07:50
  • You need to configure your server to support CORS requests, or look into JSONP. The problem is that node.js is sharing the same 'origin' (domain) as the API you are making calls to. The browser however, is its own 'origin', separate from the server you are trying to interface with. – Adam Patterson Feb 06 '18 at 22:52

1 Answers1

0

The 'Access-Control-Allow-Origin' header is sent FROM the server, to let the client know where requests can come from. This is not a header you send TO the server.

This article specifies (among other things) the headers you are allowed to send in a CORS request: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Adam Patterson
  • 958
  • 7
  • 13