I have a website made with AngularJS. This website makes API calls to an API server that lives in a sub directory on the same domain. The calls from my AngularJS code to the API only work when I visit my web page with www in URL.
Because my AngularJS app calls all the API's with the www subdomain in the URL as well.
When I visit my page like so: http://example.com, then all calls to http://www.example.com/api/Something fail because of Cross Domain policy.
People simply sometimes go to http://example.com and others use www.example.com. So what is the best practice to solve this problem in an AngularJS application that makes API calls through $resource?
Fixed it by adding this header to PHP:
header("Access-Control-Allow-Origin: *");
Instead of trying to handle this in your code, I would make sure your server is handling calls to either URL as the same that way you aren't dealing with the switching back and forth. That should eliminate any issues with CORS.