My front end pages are developed whit jquery 3.2.1, running by npm like this
"start": "http-server -a localhost -p 8000 -P http://localhost:8080 -c-1 --cors ./app"
my http request example:
$(function(){
$.ajax({
url: 'http://localhost:8080/api/partner/all',
type:'get',
dataType:'text',
success:function(data){
alert(data);
}
});
}
)
and I get the cors error, like this
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access. The response had HTTP status code 403.
then I add the filter for cors supports
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "1728000");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
now only one error is:
GET http://localhost:8080/api/partner/all 403 ()
How can I fix this problem?
Access-Control-Allow-Origin: * and Access-Control-Allow-Credentials: true are incompatible.
If you need to pass Access-Control-Allow-Credentials: true (because you require cookie/authentication support) you will have to specify Access-Control-Allow-Origin: {value-of-Origin-request-header} (in your example, you could hardcode it to be Access-Control-Allow-Origin: http://localhost:8000).