Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response [duplicate]

1

How can I eliminate this error?

XMLHttpRequest cannot load http://www.ramosdainformatica.com.br/food/apinhac.php. Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response.
app_controller.js:20 []
app_controller.js:21 Não foi possível acessar ao banco de dados.

I have tried to change my .htaccess to:

<IfModule mod_headers.c>    
    Header set Access-Control-Allow-Origin *
</IfModule>

But still the error persists. Here's what I'm doing:

My PHP:

<?php

header("Access-Control-Allow-Origin: *");
header("Content-Type: text/html; charset=utf-8");

$data = file_get_contents("php://input");
$objData = json_decode($data);

$dns = "mysql:host=mysql70.ramosdainformatica.com.br;dbname=ramosdainforma70";
$user = "ramosdainforma70";
$pass = "rain14570";


$counter = $objData->counter;
$token = $objData->token;

try {   
    $con = new PDO($dns, $user, $pass);   

    if(!$con){
        echo "Não foi possivel conectar com Banco de Dados!";
    }
    if ($token === "1f3d2gs3f2fg3as2fdg3re2t1we46er45" && isset($token)) {  


        $query = $con->prepare('SELECT * FROM usuario_app ORDER BY nome'.$counter.', 5'');
        $query->execute();


        $out = "[";
        while($result = $query->fetch()){
            if ($out != "[") {
                $out .= ",";
            }
            $out .= '{"cod_user: "'.$result["cod_user"].'",';
            $out .= '"nome": "'.$result["nome"].'",';
            $out .= '"pais": "'.$result["pais"].'",';
            $out .= '"cep": "'.$result["cep"].'"';
            $out .= '"logradouro": "'.$result["logradouro"].'",';
            $out .= '"complemento": "'.$result["complemento"].'",';
            $out .= '"bairro": "'.$result["bairro"].'",';
            $out .= '"cidade": "'.$result["cidade"].'"';
            $out .= '"estado": "'.$result["estado"].'",';
            $out .= '"celular": "'.$result["celular"].'",';
            $out .= '"email": "'.$result["email"].'",';
            $out .= '"senha": "'.$result["senha"].'"';
            $out .= '"data_cadastro": "'.$result["data_cadastro"].'",';
            $out .= '"latitude": "'.$result["latitude"].'",';
            $out .= '"longitude": "'.$result["longitude"].'"}';            

        }
        $out .= "]";
        echo $out; 


    }
} catch (Exception $e) {
    echo "Erro: ". $e->getMessage();
};

My Service:

(function(){
    "use strict";

    angular.module("myApp").value("Config", {

        getUrl: "http://www.ramosdainformatica.com.br/food/"
    });

    angular.module("myApp").service("Data", function($http, Config){
        //recuperação de dados
        this.getData = function(params){
            return $http({
                method: "POST",
                url: Config.getUrl + "apinhac.php",
                data: params,
                headers : {
                                'Content-Type' : 'Access-Control-Allow-Origin: *; application/x-www-form-urlencoded; charset=UTF-8'                                
                            }
            });
        };


    });
})();

The error:

XMLHttpRequest cannot load http://www.ramosdainformatica.com.br/food/apinhac.php. Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response.
app_controller.js:20 []
app_controller.js:21 Não foi possível acessar ao banco de dados.

In fact this hosting was sharing on an old site with outdated server. I could not even change the .httacess.

PHP just like it already works perfect, without having to change the .httaccess or anything.

    
asked by anonymous 03.05.2016 / 03:08

1 answer

1

Good night, as far as I remember the access control origin does not accept the * try to use it

header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
    
06.09.2016 / 02:45