Ionic/Angular adding additional access control allow origin to response headers. How to prevent this?
My Nginx server has CORS enabled
add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
With my ionic http code using Angular HttpClient
const req = this.http.get('https://example.com/apiRequest');
When accessing the api get call on the browser, the response headers are normal
However, when using ionic serve, I get 2 Access-Control-Allow-Origin headers, one is localhost:8100 and the other is ‘*’ which was added. This issue also occurs on Ios Simulator, android phone/simulator.
My guess is that Ionic/Angular is doing something, but I just don’t know what. I don’t own the nginx server so I can only ask through support about headers being added.
Has this issue occurred for anyone else? I don’t think adding Ionic proxies would resolve this issue since I’m using a production website and tested it on a physical android device and the same issue occurs.
Or is this actually an Nginx error?
Ionic Framework: @ionic/angular 5.3.2
Source: Angular Questions