Access to XMLHttpRequest has been blocked by CORS policy
I've a problem when I try to do PATCH request in an angular 7 web application. In my backend I have:
app.use((req, res, next) => {
res.set({
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "*",
"Access-Control-Allow-Headers": "'Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token'",
});
next();
});
In my frontend service, I've:
patchEntity(ent: any, id) {
let headers = new Headers({ 'Content-Type': '*' });
let options = new RequestOptions({ headers: headers });
return this.http.patch('my_url', ent).map((res: Response) => res.json());
};
The error is:
Access to XMLHttpRequest at 'my_url' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
What can I to do? Thanks.
Answer
There are two ways this can be handled:
- Temporary Front-End solution so you can test if your API integration is working:
Click on window -> type run and hit enter -> in the command window copy:
chrome.exe --user-data-dir="C://Chrome dev session" --disable-web-security
This will open a new "Chrome" window where you can work easily. This is a temporary solution. Every time you will have to work with this chrome window.
- Permanent solution:
In the backend code, the developer needs to add an annotation @Crossorigin right above the CRUD api call method.
Let me know if it works.