Request header field is not allowed by Access-Control-Allow-Headers with $http

Question

I\'m doing a POST to a service using Postman Chrome Extension, and I get the expected response.

But, when I do the same POST reque

Answer 1

I believe configuring the Access-Control-Allow-Headers on the $httpProvider on the CLIENT will not work. I think the header needs to be configured on the server (as a response header). In a node-express application for instance, this could be done with a middleware (for example), putting something like this:

res.header('*')

or (more selectively) just the headers you need:

res.header('Engaged-Auth-Token, Access-Control-Allow-Headers', 'Content-Type, Authorization, Content-Length, X-Requested-With');