How CORS allow headings in sails

Question

I want my server to allow the Authorization header for my mobile application. My web server is currently in sails and I am using sails. My route code

'post /auth/local' : { cors: { origin: '*' }, controller: 'AuthController', action: 'callback' },

When my client sends a request with "Authorization" in the header, I get an error

 XMLHttpRequest cannot load http://localhost:1337/auth/local. Request header field Authorization is not allowed by Access-Control-Allow-Headers.

How do I indicate in the route code that the "Authorization" header is also allowed?

+7

javascript cors express routes sails.js

raju Jul 19 '15 at 4:40

source share

1 answer

Emanuel ve · Accepted Answer · 2015-07-19T08:14:20+0000

Add the headers : 'Content-Type, Authorization' cors to the cors , as shown below:

 'post /auth/local' : { cors: { origin: '*', headers: 'Content-Type, Authorization' }, controller: 'AuthController', action: 'callback' },

Headings
: A comma-separated list of headers that are allowed to be sent with CORS requests. This is used only in response to pre-flight requests .

Note that Content-Type also required, because this is the default value of this property and is required for the POST and PUT methods.