I try to set an Authorization header to a GET request to authenticate users to a rest API. I'm using Angular 2 RC1. (I'am a total beginner).
getTest(){
let authToken = localStorage.getItem('auth_token');
let headers = new Headers({ 'Content-Type': 'application/json' });
headers.append('Authorization', `Bearer ${authToken}`);
let options = new RequestOptions({ headers: headers });
return this._http
.get(this._url,options)
.map(res => console.log(res));
}
I allow CORS in my backend.
header("Access-Control-Allow-Origin: *");
header("Access-Control-Request-Headers: Content-Type, Authorization");
My console :
OPTIONS api/userProfile/
XMLHttpRequest cannot load /userProfile/. Response for preflight has invalid HTTP status code 406
Any idea ?
I think that you need the Accept
header rather because of the 406 status code...
let authToken = localStorage.getItem('auth_token');
let headers = new Headers({ 'Accept': 'application/json' });
headers.append('Authorization', `Bearer ${authToken}`);
let options = new RequestOptions({ headers: headers });
return this._http
.get(this._url,options)
.map(res => console.log(res));
This allows you to tell the server which content type you expect in the response...
The Content-Type
header is rather to specify the type of the content you sent in the request. In your case, there is no content...