krakenjs / lusca

Application security for express apps.

Lusca + Angular2 Problems #93

Closed vgogov closed 7 years ago

vgogov commented 7 years ago

Anyone developing a lusca (+ krakenjs) back-end with an Angular 2 front-end? Currently I'm having an issue with a login screen. The krakenjs back-end runs on localhost:8000 and the Angular2 front-end runs on localhost:3000. When I send a POST request through the login screen to localhost:8000/login I get a CSRF token missing error. If I disable CSRF, I get the error:

XMLHttpRequest cannot load http://localhost:8000/login. The request was redirected to 'http://localhost:8000/login', which is disallowed for cross-origin requests that require preflight.

Any ideas? Thanks

Update: Works on most browsers. Only Google Chrome gives this error.

shaunwarman commented 7 years ago

Hey @vgogov

So Chrome is pretty strict with their same-origin policy. It essentially means that it "is a security policy enforced on client-side web apps (e.g., web browsers) to prevent interactions between resources from different origins."

There is some great documentation here.

What you can most likely do is add the Access-Control-Allow-Origin header in your POST request and Chrome will allow resources to come from the response at the :8000 port location.

vgogov commented 7 years ago

Thanks. I've added res.header('Access-Control-Allow-Origin', 'http://localhost:3000'); in my Kraken and Chrome is not complaining anymore :)

shaunwarman commented 7 years ago

👍
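Added example, not part of the original thread and not lusca's or Kraken's own code: an Express-style middleware that sets the CORS headers on the server's response for an allow-listed origin and answers the preflight itself. The names `corsAllowList`, `simulate`, the origin list and the `X-CSRF-Token` header name are assumptions for the localhost:3000 / localhost:8000 setup described above.

```javascript
// Added example: Express-style CORS middleware with signature (req, res, next).
// ALLOWED_ORIGINS and the header list are assumptions for the setup in this thread.
const ALLOWED_ORIGINS = new Set(['http://localhost:3000']);
const ALLOWED_METHODS = 'GET,POST,OPTIONS';
// Assumed header the front-end uses to send the CSRF token back to the server.
const ALLOWED_HEADERS = 'Content-Type,X-CSRF-Token';

function corsAllowList(req, res, next) {
  const origin = req.headers.origin;
  // Vary on Origin so caches never reuse a response across different origins.
  res.setHeader('Vary', 'Origin');

  // Unknown or absent origin: send no CORS headers, so the browser keeps
  // blocking cross-origin reads of the response.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return next();

  // Echo the exact origin, never "*": a wildcard cannot be combined with
  // credentials, and the session cookie behind the CSRF check is a credential.
  res.setHeader('Access-Control-Allow-Origin', origin);
  res.setHeader('Access-Control-Allow-Credentials', 'true');

  if (req.method === 'OPTIONS') {
    // Preflight: answer directly with 204 and never redirect. The error quoted
    // above is Chrome rejecting a redirect on a request that needs preflight.
    res.setHeader('Access-Control-Allow-Methods', ALLOWED_METHODS);
    res.setHeader('Access-Control-Allow-Headers', ALLOWED_HEADERS);
    res.statusCode = 204;
    return res.end();
  }
  return next();
}

// Constructed mock request/response pair so the middleware runs without a server.
function simulate(method, origin) {
  const headers = {};
  const res = {
    statusCode: 200,
    setHeader(name, value) { headers[name.toLowerCase()] = value; },
    end() {}
  };
  let passedOn = false;
  const req = { method, headers: origin ? { origin } : {} };
  corsAllowList(req, res, () => { passedOn = true; });
  return { status: res.statusCode, headers, passedOn };
}
```

In an Express or Kraken app the function would be registered with `app.use(corsAllowList)` ahead of the routes, with CSRF protection left enabled.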