I use angular js as my front-end to restify, both exist in different domains, ie angular js in 'my.local' and restify in 'api.my.local'
whenever i try to return error from my restify( eg return next(new restify.InvalidArgumentError('Invalid Username'));), The browser is throwing a CORS error(XMLHttpRequest cannot load http://api.my.local/authenticate. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://my.local' is therefore not allowed access. ).
The whole thing is working perfectly if the error raising line is deleted from the server side restify code. ie if return next(new restify.InvalidArgumentError('Invalid Username')); is removed, the program will be working fine.
