-2

Previously I used the following type of headers in my function to make the request from the application:

Error

OPTIONS http://API_URL 405 (Method Not Allowed)

XMLHttpRequest cannot load http://API_URL. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.1.9:8100' is therefore not allowed access. The response had HTTP status code 405.

Data Login

datos = {
          Usuario: $scope.usuariotxt,
          Password: $scope.passwordtxt
        };

'Content-Type': 'application/x-www-form-urlencoded'

function

 function Autenticacion(datos) {


    var url = 'http://API_URL';

    return $http.post(url, $httpParamSerializer(datos), {
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    });

};

Now the content-type must be different from how you submitted the request in advance

'Content-Type': 'application/json'

function Autenticacion(datos) {

    //var url = 'API_URL';        

    return $http.post(url, $httpParamSerializer(datos), {
        headers: {
            'Content-Type': 'application/json'
        }
    });

};

But using the ARC tool, the request works perfectly

Image Link

The server is in Azure, this the information 

Cache-Control: no-cache
Pragma: no-cache
Content-Length: 270
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.0
X-Aspnet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=0a3517ba6ed8bb14ffe517099672a3eb4ea3c4b710ad8c6e0edaa70c2d244335;Path=/;Domain=apipedroupc20170125045931.azurewebsites.net
Date: Tue, 28 Feb 2017 20:53:09 GMT
georgeawg
  • 48,608
  • 13
  • 72
  • 95
Pedro Miguel Pimienta Morales
  • 443
  • 3
  • 10
  • 31
  • 1
    Possible duplicate of ["No 'Access-Control-Allow-Origin' header is present on the requested resource"](http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource) – Phil Feb 28 '17 at 23:11
  • 1
    Why are you setting the content-type to `application/json` yet still sending data as `application/x-www-form-urlencoded`? – Phil Feb 28 '17 at 23:12
  • @Phil I also feel a little strange, and not only that, it also tells me that the type of petition is not allowed. – Pedro Miguel Pimienta Morales Feb 28 '17 at 23:23

1 Answers1

1

Seems this is a cross domain issue. For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts. No others implement this restriction, so it's ok for the ARC tool.

You can configure CORS in the Azure portal. For more info, please see my earlier post from Stack Overflow: CORS Headers in Azure App Service running Express JS, or Azure's documentation: https://learn.microsoft.com/en-us/azure/app-service-api/app-service-api-cors-consume-javascript.

Community
  • 1
  • 1
Aaron Chen
  • 9,835
  • 1
  • 16
  • 28