Cross domain issue with compiled app


#1

Hi,

I’ve made my first ionic application. It’s a complete app for a client. I’ve made all my tests with ‘ionic serve’ or ‘ionic cordova run android --device -l -c -s’. The application work all as expected. The app call an REST API on which I do not have the hand.
I’ve build the app with the commande ‘ionic cordova build --debug android’ to test on client device. but with this compiled APK, POST request are rejected, on devices and emulator (GET works fine). this is the error in server log : Invalid CORS request;Origin=Some(file://);Method=POST;Access-Control-Request-Headers=None

I send following header with my requests :


      headers.append("Content-Type", "application/json");
      headers.append("Access-Control-Allow-Origin", "*");
      headers.append("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
      headers.append("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");

I’ve tried to not send headers. I’ve also tried to use cordova-plugin-whitelist. nothing work. The result is always the same.

this is an exemple of a method that not working :


  validateCode(code: string): Promise<RequestResult> {

    const userId = localStorage.getItem('userId');
    let noError = true;

    if (userId !== null) {
      const endPoint = this.url + '/v1/tokens/craftsmen';
      const headers = this.initHeaders();
      const options = new RequestOptions({ headers: headers });
	  
      return this._http.post(endPoint, { craftsmanId: userId, password: code }).toPromise()
        .then((response: Response) => {
          return response.json();
        }).catch(err => {
          console.log('SmsService.validateCode() error return : ' + JSON.stringify(err));
        });
    }
  }

thanks for reading,


#2

All this stuff you need to write on your server script not in the app script


#3

The API developper says me it’s configured on is side too.


#4

Have you tried ? => config.xml: <access origin="*" />


#5

yes, i have this in my config.xml. also added this :

I’ve asked to the API developper to add file:// in CORS configuration. I think it’s not configured properly. Wait for his response.


#6

it’s resolved. CORS rules wasn’t properly implemented in the API.

thanks for yours responses