I’m developing an Ionic 2 app that authenticates against an API that has CORS enabled, but only allows for
https:// origins to be configured. If I run my Ionic app in iOS Simulator with Charles Proxy, I can see that an
Origin header with a value of
file:// is sent when I try to login.
This seems to go against the advice in this blog post.
Your origin will not exist, since you are running off of a file:// URI; therefore, any request outwards will not require a CORS request.