Closed blackdeve closed 5 years ago
X-Requested-With
header is not allowed in CORS settings here: https://github.com/gothinkster/koa-knex-realworld-example/blob/master/src/config/index.js#L31
it works in postman, bcs. browser has CORS mechanism for better security https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
why do you actually need this http header X-Requested-With
?
If I remove X-Requested-With
header, it gives Unauthorized
error.
Do you have any idea about this?
It works fine on Postman with the same Authorization
header.
Looks like you use wrong token or bug in the application logic needs more info
POST /api/articles
endpoint or others too?in your create function, I don't see token at all
POST /api/users/login
token is stored globally and it's updated when user logs in
can you also check in Chrome network tab that your actual XHR request contains the right header and the right value
yes, it has right header and values
works fine for me in chrome console
make sure, that you receive and send the token to the same host
if doesn't work, create small reproducible example/repo to see what the problem, please
I tried with your code but it gives me error as well
Code :
Error:
Does this mean there is bug on my backend?
perhaps, this needs debugging to get the wrong place
what do you mean exactly?
I mean it's not clear where is the problem. It could be both sides and needs debugging with some reproducible examples
closed due to inactivity
Here's my code:
This is error log of the Articles.create() function.
Is there anyone who can fix this issue for me? Thanks in advance!