Error in Firefox: Access-Control-Allow-Origin

response.setHeader("Access-Control-Allow-Origin", "*");

In Chrome it works normally.

Even with Access-Control-Allow-Origin set in the CORS configuration, Firefox gives the error:

(translated) Cross-Origin Request Blocked: the Same Origin Policy disallows reading the remote resource at http://localhost:8080 / ... (Reason: missing token 'access-control-allow-origin' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel)

Cross-Origin Request Blocked: the Same Origin Policy disallows reading the remote resource at http://localhost:8080 / ... (Reason: CORS request did not succeed).

Author: LipESprY, 2019-01-10

3 answers

The application serving the accessed URL did not send the value Access-Control-Allow-Origin in the Access-Control-Allow-Headers header.

What does that mean?

The Access-Control-Allow-Origin header blocks too many entries in the request header that are not explicit in it, that is, if a header is not listed there it will not work.

Solving your problem

Add Access-Control-Allow-Headers.

response.setHeader("Access-Control-Allow-Headers", "Access-Control-Allow-Origin");

Help documentation

A good piece of documentation for this content is: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers

 3
Author: ferfabricio, 2019-01-10 11:17:53

The fact is that Access-Control-Allow-Origin and Access-Control-Allow-Headers are already set in the header, but, apparently, Firefox does not identify them. The same setting works without problems in Chrome...

Here is the full setHeader:
response.setHeader ("Access-Control-Allow-Origin", "");
response.setHeader ("Access-Control-Allow-Credentials","true");
response.setHeader ("Access-Control-Allow-Methods", " GET, POST, PUT, DELETE, OPTIONS");
response.setHeader ("Access-Control-Max-Age", "3600");
response.setHeader ("Access-Control-Allow-Headers", "
");
response.setHeader ("Access-Control-Request-Headers", "*");

Debugging a little further, I realized that the error occurs only with the OPTIONS method that sometimes precedes the GET method that takes a token with it...

 -1
Author: Bacamarte Linux, 2019-01-10 16:18:38

Resolution:
response.setHeader ("Access-Control-Allow-Origin", " http://localhost:8081");
response.setHeader ("Access-Control-Allow-Methods","GET, POST, PUT, DELETE, OPTIONS");
response.setHeader ("Access-Control-Allow-Headers", "auth-token, access-control-allow-origin");

Say: ironwork

 -1
Author: Bacamarte Linux, 2019-01-10 18:12:47
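
The preflight check discussed in this thread, as an added example that is not code from any of the posts: it answers the OPTIONS request with an exact allowlisted origin and reports which requested headers are missing from Access-Control-Allow-Headers, which is the condition Firefox names in the error above. It assumes a Node.js-style request/response with a `setHeader` method (the thread does not name its server stack); `ALLOWED_ORIGINS`, `ALLOWED_METHODS`, `ALLOWED_HEADERS`, `corsDecision` and `applyCors` are hypothetical names.

```javascript
// Added example; all names here are hypothetical, not from the original posts.
const ALLOWED_ORIGINS = new Set(["http://localhost:8081"]); // origin used in the last answer
const ALLOWED_METHODS = ["GET", "POST", "PUT", "DELETE", "OPTIONS"];
const ALLOWED_HEADERS = ["auth-token"]; // request headers the client is allowed to send

// method: HTTP method; headers: object with lower-cased names (as Node's http module provides).
function corsDecision(method, headers) {
  const out = { Vary: "Origin" }; // response depends on Origin, keep caches from mixing them
  const origin = headers["origin"];
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    // Unknown origin: send no Access-Control-* headers, the browser blocks the read.
    return { preflight: false, status: null, missing: [], headers: out };
  }
  // With credentials the value must be the exact origin; "*" is rejected by browsers.
  out["Access-Control-Allow-Origin"] = origin;
  out["Access-Control-Allow-Credentials"] = "true";
  if (method !== "OPTIONS" || !("access-control-request-method" in headers)) {
    return { preflight: false, status: null, missing: [], headers: out };
  }
  // Preflight: the browser lists the method and headers the real request will use.
  const wanted = (headers["access-control-request-headers"] || "")
    .split(",").map((h) => h.trim().toLowerCase()).filter(Boolean);
  const missing = wanted.filter((h) => !ALLOWED_HEADERS.includes(h));
  const methodOk = ALLOWED_METHODS.includes(headers["access-control-request-method"]);
  out["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ");
  out["Access-Control-Allow-Headers"] = ALLOWED_HEADERS.join(", ");
  out["Access-Control-Max-Age"] = "3600";
  const ok = methodOk && missing.length === 0;
  return { preflight: true, status: ok ? 204 : 403, missing, headers: out };
}

// Call this before any token check: the preflight itself never carries the token.
function applyCors(request, response) {
  const d = corsDecision(request.method, request.headers);
  for (const [name, value] of Object.entries(d.headers)) response.setHeader(name, value);
  if (d.preflight) {
    response.statusCode = d.status;
    response.end();
  }
  return d.preflight; // true means the request is fully answered
}
```

Logging the `missing` list on the server side shows which header the client is sending that the allowlist does not cover, without widening Access-Control-Allow-Headers to find out.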