Response to preflight request doesn't pass access control check in NodeJS

0
votes

I cannot convince why I've encountered following error even I've added following code in NodeJS/ExpressJS.

XMLHttpRequest cannot load http://localhost:9000/polymer/105724/apply. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.

res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.setHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type");
2
javascriptnode.jsexpress

2 Answers

2
votes

You also need to allow OPTIONS method. Browser sends an OPTIONS call before the actual call so if OPTIONS is not allowed next call will not be made.

res.setHeader('Access-Control-Allow-Methods', 'OPTIONS,GET,PUT,POST,DELETE');
1
votes

Allow OPTIONS and reply handling CORS HTTP headers to browser and await the request.