javascript - Bottle + AngularJS - CORS refuses to work -

javascript - Bottle + AngularJS - CORS refuses to work -

code: @route('/characteristicstobestweb', method='options') def respondtochartobestqueryweboptions(): response.headers['access-control-allow-origin'] = settings.allowed_web_origin response.headers['access-control-allow-credentials'] = 'true' # response.headers['access-control-allow-origin'] = '*' response.headers['access-control-allow-methods'] = 'post, options' response.headers['access-control-allow-headers'] = 'origin, accept,' \ ' content-type,' \ ' cache-control,' \ ' pragma,' \ ' x-requested-with,' \ ' x-csrf-token' @route('/characteristicstobestweb', method='post') def respondtochartobestwebquery(): response.headers['access-control-allow-origin'] = settings.allowed_web_origin response.headers['access-control-allow-credentials'] = 'true' # response.headers['access-control-allow-origin'] = '*' response.headers['access-control-allow-methods'] = 'post, options' response.headers['access-control-allow-headers'] = 'origin, accept,' \ ' content-type,' \ ' cache-control,' \ ' pragma,' \ ' x-requested-with,' \ ' x-csrf-token' render_response()

as can see, specify origin explicitly, , yet next error in console, using both vanilla $http service , restangular.

on post request:

xmlhttprequest cannot load http://vitamiter.com/characteristicstobestweb. no 'access-control-allow-origin' header nowadays on requested resource. origin 'http://dev.vitapersonal.com:9000' hence not allowed access.

although options request returns fine.

any assistance much appreciated.

edit: works fine xmlhttprequest:

var req = new xmlhttprequest(); req.open("post", api_root + 'characteristicstobest?cachebuster=' + math.random().tofixed(5) , true); req.setrequestheader("content-type", "application/json"); req.setrequestheader("cache-control", "no-cache, must-revalidate"); req.setrequestheader("pragma", "no-cache"); req.onload = function(){ var response = this.response; $scope.$apply(function(){ console.log(response) }) } req.send(json.stringify(reqdata));

wt*-angular?

try :

@hook('after_request') def enable_cors(): response.headers['access-control-allow-origin'] = '*' response.headers['access-control-allow-methods'] = 'put, get, post, delete' response.headers['access-control-allow-headers'] = 'origin, accept, content-type, x-requested-with, x-csrf-token'

javascript python angularjs bottle