When trying to access the api from an app on
http://localhost:8080 I’m getting the following:
XMLHttpRequest cannot load https://df-spiritdev.enterprise.dreamfactory.com/api/v2/user/session. Request header field Content- Type is not allowed by Access-Control-Allow-Headers.
Looking at the response headers reveals that there’s no Access-Control-Allow-Headers property.
Access-Control-Allow-Origin:http://localhost:8080 Allow:GET,HEAD,POST,PUT,PATCH,DELETE Cache-Control:no-cache, private Connection:keep-alive Content-Encoding:gzip Content-Type:text/html; charset=UTF-8 date:Wed, 14 Oct 2015 09:52:36 GMT Server:nginx Transfer-Encoding:chunked Vary:Origin
I tried deleting/recreating the CORS settings, but still there’s no Access-Control-Allow-Headers property in the response header.
Is there anything that I’m missing?