Error when accessing localhost api in chrome net::ERR_INSECURE_RESPONSE

Channa picture Channa · Jul 6, 2014 · Viewed 15.1k times · Source

I was trying to access api running in localhost using angular $resourses, chrome console gives me error saying ERR_INSECURE_RESPONSE.

I tried disabling web security in chrome. still same error. here is the angular factory that i used. How can I bypass this error and test my app.

    ImpactPortal.factory('apiFactory', function ($resource) {
    return $resource('https://localhost:8443/mifosng-provider/api/v1/client_impact_portal', {}, {
        query: {
            method: 'GET',
            params: {},
            isArray: true
        }
    })
});

Answer

Narek Mamikonyan picture Narek Mamikonyan · Jul 8, 2014

Enabling CORS in Angular.js

var myApp = angular.module('myApp', [
    'myAppApiService']);

myApp.config(['$httpProvider', function($httpProvider) {
        $httpProvider.defaults.useXDomain = true;
        delete $httpProvider.defaults.headers.common['X-Requested-With'];
    }
]);

A server supporting CORS must respond to requests with several access control headers:

Access-Control-Allow-Origin: "*"

By default, CORS requests are not made with cookies. If the server includes this header, then we can send cookies along with our request by setting the withCredentials option to true.

Access-Control-Allow-Credentials (optional)

If we set the withCredentials option in our request to true, but the server does not respond with this header, then the request will fail and vice versa.