I want my server to allow 'Authorization' header for my mobile app. Currently my webserver is in sails and I use sails. My routes code is
'post /auth/local' : {
cors: {
origin: '*'
},
controller: 'AuthController',
action: 'callback'
},
When my client sends a request with 'Authorization' in header I get error
XMLHttpRequest cannot load http://localhost:1337/auth/local.
Request header field Authorization is not allowed by Access-Control-Allow-Headers.
How do I specify in my routes code that 'Authorization' header is also allowed?
I want my server to allow 'Authorization' header for my mobile app. Currently my webserver is in sails and I use sails. My routes code is
'post /auth/local' : {
cors: {
origin: '*'
},
controller: 'AuthController',
action: 'callback'
},
When my client sends a request with 'Authorization' in header I get error
XMLHttpRequest cannot load http://localhost:1337/auth/local.
Request header field Authorization is not allowed by Access-Control-Allow-Headers.
How do I specify in my routes code that 'Authorization' header is also allowed?
Share Improve this question edited Jul 28, 2015 at 2:11 rnrneverdies 15.7k9 gold badges66 silver badges95 bronze badges asked Jul 19, 2015 at 4:40 rajuraju 5,00817 gold badges67 silver badges121 bronze badges1 Answer
Reset to default 15Add headers : 'Content-Type, Authorization' to cors object, like example below:
'post /auth/local' : {
cors: {
origin: '*',
headers: 'Content-Type, Authorization'
},
controller: 'AuthController',
action: 'callback'
},
headers: Comma-delimited list of headers that are allowed to be sent with CORS requests. This is only used in response to preflight requests.
Source: Sails CORS Config
Notice that Content-Type is also required due is the default value of that property and is required for POST and PUT methods.
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1743584115a4474693.html
评论列表(0条)