StrongLoop Framework - Access-Control-Allow-Origin: *

Question

I have an AngularJS / Strongloop project. The AngularJS part of the code is not hosted at the same location as the Strongloop project and as a result I'm running into a CORS issue. I have done a lot of reading on this issue, however I can't figure out how to solve it.

As far as I can tell, my issue is on the server side. See picture below.

I can't figure out how to configured Strongloop to be set to... "Access-Control-Allow-Origin": "*"

Should I be trying to solve this a different way using Strongloop's built into ACL? Can someone point me to where I can correct the header for the API in Strongloop?

Below are some relevant article to the issue as I understand it.

http://blogs.telerik.com/kendoui/posts/11-10-03/using_cors_with_all_modern_browsers

how to handling CORS over $http in Angularjs1.3

Answer 1

So as frustrating as this was, I got it figured out. Turns out a detail I left out in my original post was that this application was built using two separate instances of Cloud 9 (http:c9.io), one for the client side and one for the server. I did this because it modeled the way the application was going to be installed in it's production environment. The issue was something to do with Cloud 9, when I ported this application to two different servers (that are un-related to Cloud 9), the issue was immediately resolve with no code changes at all to Strongloop or AngularJS.

That is really too bad, because up until this point I had been loving using Cloud 9. Guess I'll try codebox.

Below is a screen shot of the response header when ported to a non-Clould 9 instance. As you can see there is no longer the restriction on the Access-Control-Allow-Origin which was causing the problem