symfony2 REST, AngularJs access-Control-Allow-Origin
if you are using chrome you should better get your mind of it working on a localhost ip. a common approach is to reverse proxy localhost into a custom local domain like your-domain.com (for this you would have to use a web server like apache or nginx), reverse proxy all connections to your 127.0.0.1:9000 ip, have an alias in /etc/hosts for 127.0.1.1 your-domain.com and just read the symfony documentation for adding custom headers to your ajax request. i am assuming here you have your ajax routes connected to a controller, a common example would be returning an array of headers as the third parameter
return new Response($json, 201, array('Access-Control-Allow-Origin' => '*', 'Content-Type' => 'application/json'));
i wouldn't complicate myself much and use 3rd party plugins that i have no control of. hope this helps, it's documented in the symfony cookbook (http://symfony.com/doc/current/book/http_fundamentals.html)
allow_headers: '*'
solved my issue:
nelmio_cors: paths: '^/api/': ... allow_headers: '*' ...
For me the error was logged as Unauthorized header content-type
thrown by NelmioCorsBundle. (I'm Using standard Angular $resource + Symfony + NelmioCorsBundle
setup)
NelmioCorsBundle by default only allows 'accept'
, 'accept-language'
, 'content-language'
and 'origin'
(see https://github.com/nelmio/NelmioCorsBundle/blob/1.4.0/EventListener/CorsListener.php#L32)
The error is thrown here:https://github.com/nelmio/NelmioCorsBundle/blob/1.4.0/EventListener/CorsListener.php#L158
--
PS: be aware of the security hole you might open with allowing any origin (*
)