I'm using ember.js and it is throwing me this error:
XMLHttpRequest cannot load http://ift.tt/2kFIFMf. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.
On my server side, I have placed codes to print out a log for GET, POST and PUT calls. It does NOT print out anything. Therefore, I think the client-side never made any requests to the server. (However, access 'http://ift.tt/2kFIFMf' manually does indeed invoked the log on the GET method.)
The server-side is already coded to return the Access-Control-Allow-Origin and it works for other methods.
So, what is my problem?
And just for for the record, the server side in Java is:
responseBuilder.header("Access-Control-Allow-Origin", "http://localhost:4200");
responseBuilder.header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization, auth-token");
responseBuilder.header("Access-Control-Allow-Credentials", "true");
responseBuilder.header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
responseBuilder.allow("OPTIONS");
and in my ember.js config/environment.js I have:
ENV['contentSecurityPolicy'] = {
'default-src': "*"
};
Aucun commentaire:
Enregistrer un commentaire