2

I'm facing the below error. I tried multiple solutions but adding "Access-Control-Allow-Origin" to web.config does not alter the outcome in a positive way.

On the other hand, I used PostMan, as a test alternative, and it works flawlessly.

Based on the above evidence, I'm thinking the error is on the authentication code somewhere.

Here's the authentication function snippet. 

    auth() {
    this.http.post('http://*****.*****.com/two/wp-json/jwt-auth/v1/token', {
      username: this.user.login,
      password: this.user.password
    }).subscribe((data) => {
      if (data['token']) {
        this.token = data['token'];
        this.tokenChange.emit(this.token);
      }
    });
}

Setup: Windows Server shared-hosting(godaddy) Angular 7.0.4, Wordpress with "JWT Authentication for WP-API" plugin.

Figure 1. The JS console showing the error. "Access-Control-Allow-Origin" is not the problem as I tested it on PostMan and it works normally. Angular and Wordpress error with JWT authentication plugin

Full Array
  • 769
  • 7
  • 12
  • CORS is only enforced in the browser, which is why it works in Postman. You need to ensure your backend sends the appropriate `Access-Control-Allow-Origin` header – user184994 Nov 04 '18 at 20:59
  • Without adding the `Access-Control-Allow-Origin` header to the local web.config, the api works normally when retrieving `posts`. If I add the `Access-Control-Allow-Origin` header to web.config, (), I'm unable to retrieve `posts` and `authenticate`. And, it throws an error of `Multiple Access-Control-Allow-Origin are not allowed` – Full Array Nov 04 '18 at 21:06
  • The message in your image implies it's not receiving that header. If you check in the browser developer tools network tab, and find the failed requests, is the `Access-Control-Allow-Origin` actually being sent on the response? – user184994 Nov 04 '18 at 21:09
  • Usually, if I add `Access-Control-Allow-Origin` explicitly to web.config, I get the following error `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://******.******.com/two/wp-json/wp/v2/posts. (Reason: Multiple CORS header ‘Access-Control-Allow-Origin’ not allowed` – Full Array Nov 04 '18 at 21:15

0 Answers0