{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 小情绪 Triste * 的问题《Ionic native app is sending header Origin:file://》','https://www.manongdao.com/q-571412.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have started building simple Todo app in Ionic 1 and I discovered a problem with Origin header. (CORS related)
If i run
ionic serve
everything works fine in browser and i can make requests to my REST API on apache(tomcat). But when build my app for android or even in ionic viewer, all requests fail. Using a chrome debugger I managed to locate the problem.
Native app sends header (tested only on android)
Origin: file://
which causes my server to deny requests. Seems to me that it should send correct Origin header with host. Screenshot with more details is attached below.
What can I do about that?
Found related topic here: CORS, Cordova, AngularJs $http and file:// confusion
Already posted here, with no luck: https://forum.ionicframework.com/t/native-app-is-sending-header-origin-file-which-causes-problems/62388/1
EDIT: Problem occurs when post, if I run ionic starter (tabs) template with only $http.post('http://myapp.com/apiv1/device') added to controller.
It seems that the problem comes from the server (specifically from Tomcat).
According to this bug:
https://bz.apache.org/bugzilla/show_bug.cgi?id=60008
The default CORS filter provided by Tomcat (instances/shared/conf/web.xml) doesn't allow POST requests and returns 403. The problem is solved from Tomcat version 8.0.37, so upgrading the server should solve your problem.
Regards.
Try adding the following to your allowed origin request:
"file://* filesystem: "I had the same problem with
<iframes>in Ionic and I fix it adding:I've came across this last week. I had to make POST request to JIRA api and I wasn't able to change server configuration. Probably the easiest way is to make your own android plugin which sends POST request. If you send POST request from plugin, there is no Origin: file:// header and everything works fine. The plugin was like 2-3 hours of work.