2

I have a Https url and want to send request to get data from that URL , scenario 1: from my browser If I hit the Url i get the response whereas from my Angularjs App I get always an error 401 , but if I hit the Api from browser I always get the correct response

for security reasons I couldn't use Url here but what I want is to:

  $http({
        method: "GET",
        url: "https://urlAdresss/",
        headers: {
            "Accept-Language": "en-US, en;q=0.8",
            "Content-Type": "application/json;charset=UTF-8"
        },
    }).then(function (_response) {
        console.log(_response
     }

I always get unauthorized I am network as well as On console any help will be greatly appreciated ,

but If I hit the same Url from browser I get the response It means the backend is working fine

I think I am missing something in my get request that's why getting the error

Improve this question
9
  • Possible CORS issue? Api and angular are running on different hosts? Commented Dec 17, 2017 at 15:13
  • @lzagkaretos api is on server I am trying to hit the api from local host can be the problem? Commented Dec 17, 2017 at 16:56
  • It is very likely. Please check your browser console and network tab for more information. Commented Dec 17, 2017 at 17:09
  • it awlays says unauthorized but if i enter URl in browser it returns data :-( Commented Dec 17, 2017 at 17:10
  • Did you check browser console (F12) for something like Access-Control-Allow-Origin missing header or related stuff? Running through localhost of course. Commented Dec 17, 2017 at 17:12

1 Answer 1

Reset to default
4

It seems a CORS (Cross-Origin Resource Sharing) issue.

In AngularJS side, you should use the following configuration in order for $http service to automatically send authorization headers to http requests.

var app = angular.module('app', [])
    .config(function($httpProvider) {
        $httpProvider.defaults.useXDomain = true;
        $httpProvider.defaults.withCredentials = true;
    });

And in backend you should specify explicitly allowed origins (eg. http://localhost:8888).
Also, note some points from here.

If you want to allow credentials then your Access-Control-Allow-Origin must not use *.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.