Sails.js CORS for post method

Question

Sails.js CORS for post method

634 views Asked by pewpewlasers At 07 June 2015 at 13:22

I was able to use CORS for a specific controller using a GET request like the following:

'get /url': {
        controller: 'somecontroller',
        action: 'someaction',
        cors: true
    },

However if I try using POST like the following, I get "Access Denied" error:

'post /url': {
            controller: 'somecontroller',
            action: 'someaction',
            cors: true
        },

How do I setup cors for a post method?

Original Q&A

There are 2 answers

moubert On 13 June 2015 at 20:23

in config/routes.js before declaring routes put :

'OPTIONS /*': function(req, res) { res.send(200); },

and in config/cors.js try to put :

module.exports.cors = {

allRoutes: true,

origin: '*',

credentials: true,

methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',

headers: 'content-type, access-control-allow-origin, authorization'

};

**pewpewlasers** · Accepted Answer · 2015-06-13 12:11:54

With my limited research I found out that simply adding "cors: true" to the controller doesn't solve the problem. Sails is still expecting a csrf token for the post method. In the bootstrap.js file under config folder, I added the following code at the bottom to disable csrf token on the route by using the following:

sails.config.csrf.routesDisabled = '/url';

If you have better solutions, please post them here. Thanks!

Edit: You can also change this in the config/csrf.js file. Change module.exports.csrf = true; to:

module.exports.csrf = {
    routesDisabled: '/url',
};

You might have to use it for your apis

module.exports.csrf = {
    routesDisabled: '/api/*',
};

TechQA.

Sails.js CORS for post method

There are 2 answers

Related Questions in SAILS.JS

Popular Questions

Popular Tags

Trending Questions