Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers

Question

I\'m trying to send files to my server with a post request, but when it sends it causes the error:

Request header field Content-Type is not allowed by

Answer 1

The server (that the POST request is sent to) needs to include the Content-Type header in its response.

Here's a list of typical headers to include, including one custom "X_ACCESS_TOKEN" header:

"X-ACCESS_TOKEN", "Access-Control-Allow-Origin", "Authorization", "Origin", "x-requested-with", "Content-Type", "Content-Range", "Content-Disposition", "Content-Description"

That's what your http server guy needs to configure for the web server that you're sending your requests to.

You may also want to ask your server guy to expose the "Content-Length" header.

He'll recognize this as a Cross-Origin Resource Sharing (CORS) request and should understand the implications of making those server configurations.

For details see:

• http://www.w3.org/TR/cors/
• http://enable-cors.org/