I call blame on Angular for this mess. Yes, I understand CORS is set on
the server but far too many people are having trouble with the
pre-flight handling on Angular. For us, code that worked on Backbone
did not work on Angular - there seems to be something in the way Angular
works that creates problems with the pre-flight handling.
To make it easier, Angular should have a core service that properly
handles the pre-flight with the server side. Either the core team
chooses to ignore this issue or maybe Angular works better with Dart on
the server side.
On 06/13/2014 11:34 PM, Jeff Hubbard wrote:
You need to handle the OPTIONS preflight request on your server, and
it needs to return the correct Access-Control-Allow-* headers for the
incoming request.
On Friday, June 13, 2014 3:17:08 AM UTC-7, Pelle Krøgholt wrote:
Hi,
I have some struggle to get authentication/token headers set on
OPTIONS preflight calls before a POST with angular.js.
So my questions is:
1. should the service that I interact with allow all OPTIONS
preflight calls?
or
2. do I simply implement the intercepter wrongly ? - based on
interceptors (https://docs.angularjs.org/api/ng/service/$http
<https://docs.angularjs.org/api/ng/service/$http>) and
http://www.html5rocks.com/en/tutorials/cors/
<http://www.html5rocks.com/en/tutorials/cors/> and
https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token
<https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token>
i have this factory/config set up for my angular app:
myApp.factory('authInterceptor', function ($rootScope, $q,
$window) {
return {
request: function (config) {
config.headers = config.headers || {};
if ($window.sessionStorage.token) {
config.headers.AuthToken = $window.sessionStorage.token;
}
return config;
},
response: function (response) {
if (response.status === 401) {
// handle the case where the user is not authenticated
}
return response || $q.when(response);
}
};
});
myApp.config(function ($httpProvider) {
$httpProvider.interceptors.push('authInterceptor');
console.log($httpProvider.defaults.headers.common);
});
this do not set a AuthToken on the OPTIONS preflight requests
hint/ suggests warmly welcomed!
//
pelle
--
You received this message because you are subscribed to the Google
Groups "AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected]
<mailto:[email protected]>.
To post to this group, send email to [email protected]
<mailto:[email protected]>.
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
