{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 看我几分像从前 的问题《AngularJS No 'Access-Control-Allow-Origin'》','https://www.manongdao.com/q-1279114.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have an AngularJS app that I need to post data to a third party URL which is used to store some data on the third party server. I get the following error when I run my code below: XMLHttpRequest cannot load http://thirdparty.url.com/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:51491' is therefore not allowed access.
The code I'm running in my AngularJS factory is:
return $http({
url: '//thirdparty.url.com',
method: "POST",
data: params_string,
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, GET, OPTIONS, PUT',
'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept'
}
});
This means that your http://thirdparty.url.com/ Does not accept requests from external sources that is/are not from http://thirdparty.url.com/, so you have to enable it from your thirdparty.url.com
Cross-Origin Resource sharing(CORS) is a specification that defines the ways for a web server to allow its resources to be accessed by the script running in a web page from a different domain.
The Server and the client work together, using HTTP headers to make accessing cross origin resources possible.
In your case since you browser(client) is chrome/Firefox(and not the older version of IE) , the problem is not with browser.
When you make an ajax call , browser by default will add a request header
Your ajax call will only be successful when the server(http://thirdparty.url.com) sends a response similar to below
In your case , the above response header is not being sent by server.
Add the extension CORS
to your chrome browser.
Access-Control-Allow-Originheader needs to be added in thethirdparty.url.comthat you are trying to access and not in your own code. It is for the website to control allowing access to the users, So you can do anything about it from your side.You can't enable
CORSfrom client side. I should set at server level.HTTP access control (CORS)