Origin header of file:// sent for HTTP requests

[mraible]

Ionic version: (check one with "x")
[ ] 1.x
[x] 2.x

I'm submitting a ... (check one with "x")
[x] bug report
[ ] feature request
[ ] support request => Please do not submit support requests here, use one of these channels: https://forum.ionicframework.com/ or http://ionicworldwide.herokuapp.com/

Current behavior:

I'm developing an Ionic 2 app that authenticates against an API that has CORS enabled, but only allows for http:// and https:// origins to be configured. If I run my Ionic app in iOS Simulator with Charles Proxy, I can see that an Origin header with a value of file:// is sent when I try to login.

This seems to go against the advice in this blog post.

Your origin will not exist, since you are running off of a file:// URI; therefore, any request outwards will not require a CORS request.

[jgw96]

Hello! Thanks for opening an issue with us! As this seems like more of a support question and with the fact that Ionic does not do anything different with Http than normal angular does, i will urge that you ask this question on our forum or on our slack channel. Thanks for using Ionic!

[mraible]

I already asked on the forums and haven't had a response in over a week, that's why I created an issue. ;)

https://forum.ionicframework.com/t/origin-header-of-file-sent-for-http-requests/77413

Normal Angular runs in the browser, so there's always an http-based origin header. With Ionic (and likely Cordova), I'm seeing file:// being sent. I've found that if I allow file:// on a server as an Origin it works. This is a necessary step that doesn't seem to be mentioned in the aforementioned blog post. Hence the reason I created this issue. :)

[CedricReichenbach]

Latest discussion on the same topic:

• CORS error with "Origin file://" #12607

[imhoffd]

Consolidating to #15057 (please see my comment).