0

I am trying to do cross-domain requests (GET, POST, DELETE...) with Angular and NodeJs via CORS. I am successful when I try on Chrome browser but on IE11 on Win7 I get errors below. 

SEC7118: XMLHttpRequest for http://master.domain:1300/login required Cross-Origin Resource Sharing (CORS).

SEC7119: XMLHttpRequest for http://master.domain:1300/login required CORS preflight.

SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.

Master domain side I set header Access-Control-Allow-Origin so successfully working on Chrome.

I have tried xdomain library but I could not succeed with Angular. I may miss something but I do not know what. There is no example on the internet.

What can I do to work this on IE? I can use any other way except CORS.

Any help?

Thanks

Improve this question
6
  • Normally since IE10, CORS is natively supported. And for IE8&9 you need to use XDomainRequest function. What is the configuration of your CORS configuration on your master request? Commented Mar 2, 2017 at 11:54
  • I set headers like : res.setHeader('X-Frame-Options', 'deny'); res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept'); res.setHeader('Access-Control-Allow-Methods', 'POST, GET, PATCH, OPTIONS'); res.setHeader('Access-Control-Allow-Credentials', true); Commented Mar 2, 2017 at 12:18
  • What kind of Content-Type headers do you set? Commented Mar 2, 2017 at 12:26
  • On client side(Angular2) while requesting I set 'Content-Type':'application/json' . Commented Mar 2, 2017 at 12:33
  • You need to set Access-Control-Allow-Headers: Content-Type on the server side CORS configuration Commented Mar 2, 2017 at 12:38

2 Answers 2

Reset to default
1

Just setting "Access-Control-Allow-Origin" header might not be enough, dependent on the type of request you're making. You should also set the "Access-Control-Allow-Methods" and "Access-Control-Allow-Headers"

As an example: 

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS
Access-Control-Allow-Headers: Content-Type
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I set all headers like you mentioned.
0

Just try this code in nodejs side it's working

app.use(function (req, res, next) {
  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:4200');
  res.setHeader('Access-Control-Allow-Methods', 'POST');
  res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
  res.setHeader('Access-Control-Allow-Credentials', true);
  next();
});
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.