Reputation: 1790
set access control headers for same domain requests
I'm using restangular to consume an api hosted on the same server as the angular files. All requests to the api are getting Origin is not allowed by Access-Control-Allow-Origin errors. I've tried altering headers in the config
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
and updating angular/restangular. Is there a way to set the headers for same domain requests using restangulars setdefaultheaders method?
Upvotes: 0
Views: 2745
Answers (1)
Reputation: 48330
The error that your are getting is due to Cross Origin Resource Sharing (CORS) policies of your web server.
The resources being on the same server is not enough. They have to be served by the same host.
Is important to understand that api.mydomain.com is a different from www.mydomain.com.
Also having a different port (api.mydomain.com vs api.mydomain.com:9000) makes it a different host.
Check that the response of the response of your server contains the HTTP header:
"Access-Control-Allow-Origin: api.yourdomain.com"
To check how to enable a CORS on your web server check this useful website: enable_cors.org
You can read more about CORS
Upvotes: 4
Related Questions
- Custom headers get added to Access-Control-Request-Headers
- How to allow Access Control Header to access a remote API in cross-domain?
- Add custom header to http call
- AngularJS - set HTTP header for GET request
- $http Cross domain access issue exists in header
- AngularJS CORS request custom header
- AngularJS cross-domain requests using $http service
- AngularJS set header on every request
- Method not allowed — removing Access-Control-Request-Method from request headers in Angularjs
- setting HTTP Header for angularjs REST calls