hi i hope u well
i want to used my angular app with chirpstack api after deploy on same server my console show this error .
i using https for chirpstack app server and my port 80 of server
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://man...ir/api/internal/login. (Reason: header ‘access-control-allow-origin’ is not allowed according to header ‘Access-Control-Allow-Headers’ from CORS preflight response).
and u can see my application server config for cors
please help me to find a way to fix this error .
This forum assumes you’ve done some homework already. Had you done a little searching, you’d find that this error is not limited to ChirpStack, which indicates solution is also elsewhere. Suggest you read the first half dozen hits to see what you need to/can do.
The Same Origin Policy (SOP) is a security measure standardized among browsers. It is needed to prevent Cross-Site Request Forgery (CSRF). The “Origin” mostly refers to a “Domain”. Same Origin Policy prevents different origins (domains) from interacting with each other, to prevent attacks such as CSRF (Cross Site Request Forgery) through such requests, like AJAX. In other words, the browser would not allow any site to make a request to any other site. Without Same Origin Policy , any web page would be able to access the DOM of other pages.