Andre Mendes Andre Mendes - 1 month ago 6
AngularJS Question

Response to preflight request doesn't pass access control check AngularJs

I'm getting this error using ngResource to call a REST API on Amazon Web Services:


XMLHttpRequest cannot load
http://server.apiurl.com:8000/s/login?login=facebook. Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost' is therefore not allowed access.
Error 405


Service:

socialMarkt.factory('loginService', ['$resource', function($resource){
var apiAddress = "http://server.apiurl.com:8000/s/login/";
return $resource(apiAddress, { login:"facebook", access_token: "@access_token" ,facebook_id: "@facebook_id" }, {
getUser: {method:'POST'}
});
}]);


Controller:

[...]
loginService.getUser(JSON.stringify(fbObj)),
function(data){
console.log(data);
},
function(result) {
console.error('Error', result.status);
}
[...]


I'm using chrome, and I dont know what else to do in order to fix this problem. I've even configured the server to accept headers from origin
localhost

Answer

You are running into CORS issues.

There are several ways to fix this.

  1. Turn off CORS. For example: how to turn off cors in chrome
  2. Use a plugin for your browser (google it)
  3. Use a proxy such as nginx. example of how to set up

More verbosely, you are trying to access api.serverurl.com from localhost. This is the exact definition of cross domain request.

By either turning it off just to get your work done (OK, put poor security for you if you visit other sites and just kicks the can down the road) you can use a proxy which makes your browser think all requests come from local host when really you have local server that then calls the remote server.

so api.serverurl.com might become localhost:8000/api and your local nginx or other proxy will send to the correct destination.

Comments