Getting no 'access-control-allow-origin' header is present



I have a MEAN app that I’m working on and when I’m trying to hit my REST API running on Node/express I keep getting the error “no ‘access-control-allow-origin’ header is present” even though I have the following set in my node index.js file:

// CORS Support
app.use(function(req, res, next) {

  // Website you wish to allow to connect
  res.setHeader('Access-Control-Allow-Origin', '*');

  // Request methods you wish to allow
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');

  // Request headers you wish to allow
  res.setHeader('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With, x-request-metadata');

  // Set to true if you need the website to include cookies in the requests sent
  // to the API (e.g. in case you use sessions)
  res.setHeader('Access-Control-Allow-Credentials', true);

I have tried using both setHeader() and just header() as I’ve seen it done both ways still with no luck.

I have the port for my node app set for 8080 and then grunt is serving up the Angular part of the app running on 8081. I can access each app separately just fine but when the Angular front end tries to access the node app it’s giving me that error.

Am I missing some other config option that I need to allow me to allow the front end of my app to hit the back end on the same container?



I just found the issue. I didn’t realize I had to make the url public as outlined in this link in case anyone has this issue: