On 20/02/2014 21:11, Christopher Schulz wrote:
> return
> $http.get('http://localhost:60593/api/claims/api/claims/Coordinators', {
> headers: {
> 'Access-Control-Allow-Origin': 'http://localhost:65518/',
> 'Access-Control-Allow-Methods': ['GET', 'POST', 'OPTIONS', 'PUT',
> 'DELETE'],
> 'Access-Control-Allow-Headers': 'Content-Type',
> 'Access-Control-Allow-Credendtials': 'true',
> 'Content-Type': 'application/json; charset=UTF-8'
> }
> }).then(function (result) {
> return result.data;
> });
> }
> }
> });
Hi,
These headers must be returned by the backend to the frontend, and not
sent by the front to the back.
The only option you must send from the front is withCredentials: true in
the $http config if your request contains cookies.
Access-Control-Allow-Origin is set by the server and must contains the
domain list allowed to query the server.
If your front-end is hosted on http://www.yourdomain.org:9000, the
server must send Access-Control-Allow-Origin:
'http://www.yourdomain.org:9000'
See this link : http://enable-cors.org/index.html
--
You received this message because you are subscribed to the Google Groups
"AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/groups/opt_out.
