Angularjs / sailsjs :Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers

Ok I finally found the issue.

I compared the response and request headers with interceptor and with it.

I change my code as below and it works.

In app.js of angularjs

I commented all the headers part.

   //Enable cross domain calls  /*  $httpProvider.defaults.useXDomain = true;//Remove the header used to identify ajax call  that would prevent CORS from workingdelete $httpProvider.defaults.headers.common['X-Requested-With'];$httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = 'origin, content-type, accept';$httpProvider.defaults.headers.common['Access-Control-Allow-Origin'] = '*';$httpProvider.defaults.headers.common['Access-Control-Allow-Methods'] = 'GET,POST,PUT,HEAD,DELETE,OPTIONS';*/$httpProvider.interceptors.push('TokenInterceptor');

And in my sails.js cors setup config I commented methods and headers. And it works well.

    module.exports.cors = {  /***************************************************************************  *                                                                          *  * Allow CORS on all routes by default? If not, you must enable CORS on a   *  * per-route basis by either adding a "cors" configuration object to the    *  * route config, or setting "cors:true" in the route config to use the      *  * default settings below.                                                  *  *                                                                          *  ***************************************************************************/   allRoutes: true,  /***************************************************************************  *                                                                          *  * Which domains which are allowed CORS access? This can be a               *  * comma-delimited list of hosts (beginning with http:// or https://) or    *  * "*" to allow all domains CORS access.                                    *  *                                                                          *  ***************************************************************************/   origin: '*',  /***************************************************************************  *                                                                          *  * Allow cookies to be shared for CORS requests?                            *  *                                                                          *  ***************************************************************************/   credentials: true  /***************************************************************************  *                                                                          *  * Which methods should be allowed for CORS requests? This is only used in  *  * response to preflight requests (see article linked above for more info)  *  *                                                                          *  ***************************************************************************/  // methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',  /***************************************************************************  *                                                                          *  * Which headers should be allowed for CORS requests? This is only used in  *  * response to preflight requests.                                          *  *                                                                          *  ***************************************************************************/  // headers: 'origin, content-type, accept'};

Have you tried setting the origin and methods in /config/cors.js ?

and also you can find more information on this page Sails.Config.CORS