Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight

Asked

Viewed 1,674 times

1

How can I eliminate this mistake?

XMLHttpRequest cannot load http://www.ramosdainformatica.com.br/food/apinhac.php. Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response.
app_controller.js:20 []
app_controller.js:21 Não foi possível acessar ao banco de dados.

I have tried changing my . htaccess to:

<IfModule mod_headers.c>    
    Header set Access-Control-Allow-Origin *
</IfModule>

But still the error persists. Follow what I am doing:

My PHP:

<?php

header("Access-Control-Allow-Origin: *");
header("Content-Type: text/html; charset=utf-8");

$data = file_get_contents("php://input");
$objData = json_decode($data);

$dns = "mysql:host=mysql70.ramosdainformatica.com.br;dbname=ramosdainforma70";
$user = "ramosdainforma70";
$pass = "rain14570";


$counter = $objData->counter;
$token = $objData->token;

try {   
    $con = new PDO($dns, $user, $pass);   

    if(!$con){
        echo "Não foi possivel conectar com Banco de Dados!";
    }
    if ($token === "1f3d2gs3f2fg3as2fdg3re2t1we46er45" && isset($token)) {  


        $query = $con->prepare('SELECT * FROM usuario_app ORDER BY nome'.$counter.', 5'');
        $query->execute();


        $out = "[";
        while($result = $query->fetch()){
            if ($out != "[") {
                $out .= ",";
            }
            $out .= '{"cod_user: "'.$result["cod_user"].'",';
            $out .= '"nome": "'.$result["nome"].'",';
            $out .= '"pais": "'.$result["pais"].'",';
            $out .= '"cep": "'.$result["cep"].'"';
            $out .= '"logradouro": "'.$result["logradouro"].'",';
            $out .= '"complemento": "'.$result["complemento"].'",';
            $out .= '"bairro": "'.$result["bairro"].'",';
            $out .= '"cidade": "'.$result["cidade"].'"';
            $out .= '"estado": "'.$result["estado"].'",';
            $out .= '"celular": "'.$result["celular"].'",';
            $out .= '"email": "'.$result["email"].'",';
            $out .= '"senha": "'.$result["senha"].'"';
            $out .= '"data_cadastro": "'.$result["data_cadastro"].'",';
            $out .= '"latitude": "'.$result["latitude"].'",';
            $out .= '"longitude": "'.$result["longitude"].'"}';            

        }
        $out .= "]";
        echo $out; 


    }
} catch (Exception $e) {
    echo "Erro: ". $e->getMessage();
};

My Service:

(function(){
    "use strict";

    angular.module("myApp").value("Config", {

        getUrl: "http://www.ramosdainformatica.com.br/food/"
    });

    angular.module("myApp").service("Data", function($http, Config){
        //recuperação de dados
        this.getData = function(params){
            return $http({
                method: "POST",
                url: Config.getUrl + "apinhac.php",
                data: params,
                headers : {
                                'Content-Type' : 'Access-Control-Allow-Origin: *; application/x-www-form-urlencoded; charset=UTF-8'                                
                            }
            });
        };


    });
})();

The mistake:

XMLHttpRequest cannot load http://www.ramosdainformatica.com.br/food/apinhac.php. Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response.
app_controller.js:20 []
app_controller.js:21 Não foi possível acessar ao banco de dados.

Actually this hosting was sharing on an old site with outdated server. I couldn’t even change the . httacess.

PHP just as it is already works perfect, without needing to change the . httaccess or anything.

  • Do not place SOLVED in the title, we are not a forum, we are a Q&A, if you do the tour will notice the basic explanation of how the site works http://answall.com/tour, if one of the answers solved the problem simply mark-a as correct, here is the orientation of how to do https://pt.meta.stackoverflow.com/a/1079/3635

1 answer

1

Good evening , by what I remember access control origin no longer accepts * tries to use like this

header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
  • Guys, thank you! I’m just coming back to thank you. Thanks anyway! :))

Browser other questions tagged

You are not signed in. Login or sign up in order to post.