This all works fine offline, but when I upload it to Heroku I keep getting 400 errors, and it never reaches any of the routes. It does get to the routes when I comment out the header. What's going on here? Any guesses?
I'm basically trying to send a JWT token when the page is loaded to see if the user needs to login again, or if I can just retrieve their info. Works fine tested on localhost with node.
$.ajax({
url: 'users/preauth',
type: 'POST',
dataType: 'json',
// contentType: "application/json ;charset=UTF-8",
headers: {"Authorization": TOKEN},
}).done( function(result){
}).fail(function(err){
})
Is it a CORS issue? And if it is, how do I set it up with my Express app to allow the authorization header?
Is there a security risk intrinsic to allowing headers, and if so, is there a better way to send the token without an authorization header?
via Luddens Desir
No comments:
Post a Comment