1

So I have ui-router in my application and everything has been working fine. I was asked to make the account area of the site forced HTTPS so I set up this rule:

I have a link on the main "view" that takes you to the login page and the link looks just like this:

<a class="link-primary" ui-sref="login" ng-switch-default>Sign in</a>

The state rule set up looks like this:

.state('login', {
    url: '/account/signin',
    params: {
        returnState: null,
        returnParams: null
    },
    templateUrl: '/assets/tpl/account/signin.tpl.html',
    controller: 'LoginController',
    controllerAs: 'controller',
    resolve: {
        pageTitle: ['PageHead', function (service) {
            service.setTitle('Kudos Sports - Login');
        }]
    }
})

When I click the link I get an error message:

XMLHttpRequest cannot load https://kudos-topspindigital.azurewebsites.net/assets/tpl/account/signin.tpl.html. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://kudos-topspindigital.azurewebsites.net' is therefore not allowed access.

I can type the url (https://kudos-topspindigital.azurewebsites.net/account/signin) and this works without any issues. I can even do it by omitting the https protocol and it will redirect with no issues, so I can only assume there is something wrong with angularJS.

Can someone help me fix my issue?

Improve this question

2 Answers 2

Reset to default
1

Try add HTTP header in your server response by:

"Access-Control-Allow-Origin", "*"

This time, use server side script to return HTML instead pure html, for example, in PHP

<?php
 header("Access-Control-Allow-Origin: *");
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

it's just HTML, there is no server side (for that bit)
Then the index html should be sent by https, not http, then all fine, just keep them in same domain and protocol
they are, that's what I don't understand
0

Tbh the best way for me to do this was to set up a rule that pushed everything to HTTPS, not just the account stuff.

    <rule name="Redirect .com to www" patternSyntax="Wildcard" stopProcessing="true">
      <match url="*" />
      <conditions logicalGrouping="MatchAny">
        <add input="{HTTP_HOST}" pattern="kudos-sports.co.uk" />
        <add input="{HTTP_HOST}" pattern="kudos-sports.com" />
        <add input="{HTTP_HOST}" pattern="kudos-sportswear.co.uk" />
        <add input="{HTTP_HOST}" pattern="kudos-sportswear.com" />
        <add input="{HTTP_HOST}" pattern="www.kudos-sports.co.uk" />
        <add input="{HTTP_HOST}" pattern="www.kudos-sportswear.co.uk" />
        <add input="{HTTP_HOST}" pattern="www.kudos-sportswear.com" />
        <add input="{HTTP_HOST}" pattern="kudos-sports.azurewebsites.net" />
      </conditions>
      <action type="Redirect" url="https://www.kudos-sports.com{REQUEST_URI}" />
    </rule>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.