Hello, the API I'd like to use with angularjs uses token based authentication. I am trying to set up the CORS properly, but I am a bit lost.
Can anybody please help me with the following example? The auth token is returned as a custom http header. In my example it is X-token header from http://tomaso.cz/token/token.html If my angularjs "app" is sitting at http://tomaso.cz/get_token.html (js code at http://tomaso.cz/app.js ) it works fine and I can print the token. If I want to launch the same code from localhost the browser (firefox 29.0) issues an OPTIONS method and gets (IMHO correct) headers: Access-Control-Allow-Origin: * access-control-allow-credentials: true access-control-allow-headers: x-account, accept, access-control-request-origin access-control-allow-methods: GET,OPTIONS After this the GET method is issued, but the angularjs "headers" object is empty (it does not contain the 'X-token' header. I have also tried to put the client on a different server than localhost and it does not work at all - the OPTIONS is issued but then browser complains: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://tomaso.cz/token/token.html. This can be fixed by moving the resource to the same domain or enabling CORS." I think I have changed everything on the server side to switch CORS on. Thanks in advance for any suggestions. Cheers, Tomas -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
