Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

CORS error with AngularJS post only in FireFox

Tags:

angularjs

cors

firefox

laravel

ionic-framework

I am having issues only with FireFox when making a cross origin request in an Ionic app (so it's using AngularJS). The js app is doing a $http.post() to a Laravel 5.1 API, and I get the following error only in FireFox (39.0.3):

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://blah.dev/endpoint. (Reason: missing token 'content-type' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel).

This is on my localhost (OSX Mavericks). and works fine in Chrome and Safari, only FireFox is given the error. I have cleared the cache, and tried in a "private window", with the same results.

Here is the Laravel route defined to handle the OPTIONS request:

Route::options('endpoint', function() {
    return response('OK')
        ->header('Access-Control-Allow-Headers ', 'Origin, Authorization, X-Requested-With, Content-Type, Accept')
        ->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS')
        ->header('Access-Control-Allow-Origin', '*')
        ->header('Cache-Control', 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0')
        ;
});

Route::post('endpoint', array('uses' => '\Path\To\Controller@endpoint'));

I did find this question that seems to have a similar issue only in FireFox, but the solution was to comma separate the Allow-Methods, which I already am.

like image 732
shauno Avatar asked Oct 30 '22 21:10

shauno

1 Answers

The message " missing token 'content-type' " is about the client. For a http request to be a valid post one, it must have a header 

'Content-Type': 'application/x-www-form-urlencoded'

or 

'Content-Type': 'multipart/form-data'

The first content-type is the most common one.

In angularjs one way to do a CORS post request is 

$http.post(
        'http://external-domain.ext/the/rest/url',
        'param_name=param_value',
        {headers:{'Content-Type': 'application/x-www-form-urlencoded'}}
    ).
    then(function successCallback(response) {
       $scope.something = response;
    }, function errorCallback(response) {
       // not good
    });

If the server is configured with header('Access-Control-Allow-Origin', '*'), the CORS post must succeed without authentication and credentials.

like image 53
Greg Kelesidis Avatar answered Nov 15 '22 07:11

Greg Kelesidis
Sign in to Comment

Related questions

Different syntax in Angular for controller, services and others
CSS changes are not applied immediately
How to handle Callback/Redirects from dpd-passport via Google strategy?
Why am I getting multiple calls for a single item?
how to use SystemJS to bundle angular TypeScript with internal modules
Angular UI Select, Unique values pre-selected array
How to get request url in an angularjs $http request
Server-Side Paging with MySQL, PHP, and AngularJS
3rd party directive inside another directive while using "controller as ... " syntax
How to create a custom angular directive that will override ng-disabled?
How to dynamically update directive once user is logged in?
Webpack is loading module twice
Issue with angular accordion scope
loop through the provided attributes
Scoping within Angular service call
Ionic how to go back state programmatically
Karma testcases not working after migration to angular 1.4.3
AngularJS submit function can't call service function more than once
AngularJS increment value for id attributes
After deploy to production error: Unknown provider: $$isDocumentHiddenProvider <- $$isDocumentHidden

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!