1
I currently use Angular 2+ in some applications and am experiencing difficulties in solving Cors problems. When the request is made by Postman, everything happens as expected, but when I try through my application, it launches Cors error on the console stating that the control of content type headers is not authorized.
I tried to add in my request some headers to try to allow any kind of request.
I tried something like:
let header = new HttpHeaders();
header = header.set("Content-Type", "application/x-www-form-urlencoded")
header.append("Access-Control-Allow-Headers", "*")
I also tried all the other types of headers for Cors available that I found, access control origin, anyway, all I keep having trouble in Cors.
I read that the best way to treat Cors is by enabling it on the server. But I was curious how Postman can perform the requests without being configured on the server.
Would it be an angular failure not to be able to send these headers in a manner to allow? It would be a Postman trick that can ignore this?
Very curious.
CORS is a security issue that the browser recognizes, cross origin, when using Postman, it knows that it is a browser application itself that is testing and will not function as a real application. To run Cors, you need to enable it in your server side application, and in the side client, pass the header type that is going, otherwise it will not work
– Gilmar Alonso
CORS is implemented by the browser, if the software you are using does not want to implement it, it is your decision. Take a look at what it is CORS
– Costamilam
One thing I did and it worked. I created a Chrome shortcut and added it to the . exe Ex.: "C: Program Files (x86) Google Chrome Application Chrome.exe" -disable-web-security
– acacio.martins