Issue 1:
Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. Origin ‘http://localhost:4200’ is therefore not allowed access.
Solution 1:
You should not have
“Access-Control-Allow-Origin”: “*”,
Instead have specific ‘Access-Control-Allow-Origin’.
“Access-Control-Allow-Origin”: “http://localhost:4200”,
Issue 2:
Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Credentials’ header in the response is ” which must be ‘true’ when the request’s credentials mode is ‘include’. Origin ‘http://localhost:4200’ is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Solution 2:
Apart from adding the specific Allow origin instead of *, you will be required to add the Allow-Credentials.
“Access-Control-Allow-Origin”: “http://localhost:4200”,
“Access-Control-Allow-Credentials”: “true”, // this extra needs to be added
Issue 3:
No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:4200’ is therefore not allowed access.
Solution 3: TBC
Tech Grafitti! 