0

I am trying to do cross-domain requests (GET, POST, DELETE...) with Angular and NodeJs via CORS. I am successful when I try on Chrome browser but on IE11 on Win7 I get errors below. 

SEC7118: XMLHttpRequest for http://master.domain:1300/login required Cross-Origin Resource Sharing (CORS).

SEC7119: XMLHttpRequest for http://master.domain:1300/login required CORS preflight.

SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.

Master domain side I set header Access-Control-Allow-Origin so successfully working on Chrome.

I have tried xdomain library but I could not succeed with Angular. I may miss something but I do not know what. There is no example on the internet.

What can I do to work this on IE? I can use any other way except CORS.

Any help?

Thanks

Improve this question
6
  • Normally since IE10, CORS is natively supported. And for IE8&9 you need to use XDomainRequest function. What is the configuration of your CORS configuration on your master request? Commented Mar 2, 2017 at 11:54
  • I set headers like : res.setHeader('X-Frame-Options', 'deny'); res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept'); res.setHeader('Access-Control-Allow-Methods', 'POST, GET, PATCH, OPTIONS'); res.setHeader('Access-Control-Allow-Credentials', true); Commented Mar 2, 2017 at 12:18
  • What kind of Content-Type headers do you set? Commented Mar 2, 2017 at 12:26
  • On client side(Angular2) while requesting I set 'Content-Type':'application/json' . Commented Mar 2, 2017 at 12:33
  • You need to set Access-Control-Allow-Headers: Content-Type on the server side CORS configuration Commented Mar 2, 2017 at 12:38

2 Answers 2

Reset to default
1

Just setting "Access-Control-Allow-Origin" header might not be enough, dependent on the type of request you're making. You should also set the "Access-Control-Allow-Methods" and "Access-Control-Allow-Headers"

As an example: 

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS
Access-Control-Allow-Headers: Content-Type
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I set all headers like you mentioned.
0

Just try this code in nodejs side it's working

app.use(function (req, res, next) {
  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:4200');
  res.setHeader('Access-Control-Allow-Methods', 'POST');
  res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
  res.setHeader('Access-Control-Allow-Credentials', true);
  next();
});
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.