Origin header of `file://` sent for HTTP requests


I’m developing an Ionic 2 app that authenticates against an API that has CORS enabled, but only allows for http:// and https:// origins to be configured. If I run my Ionic app in iOS Simulator with Charles Proxy, I can see that an Origin header with a value of file:// is sent when I try to login.

This seems to go against the advice in this blog post.

Your origin will not exist, since you are running off of a file:// URI; therefore, any request outwards will not require a CORS request.


Here is the solution to your problem:



Not working for me. Still getting 403.