CORS交叉 - 帆中的原点飞行前错误

我是第一次创建混合应用程序，并开始遵循几个教程。我在浏览器控制台上收到这些错误

Refused to load the script 'http://192.168.1.142:35729/livereload.js?snipver=1' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'".
XMLHttpRequest cannot load http://localhost:1337/auth/local. The request was redirected to 'http://localhost:1337/login', which is disallowed 
for cross-origin requests that require preflight.

我在服务器端使用 sails，并在路由表中添加了以下内容

'get /' : {
  cors: {
    origin: '*'    
  },
  controller: 'FlashController',
  action: 'home'
},
'post /auth/local' : {
  cors: {
    origin: '*'    
  },
  controller: 'AuthController',
  action: 'callback'
},
'get /login' : {
  cors: {
    origin: '*'    
  },
  controller: 'AuthController',
  action: 'login'
},

当我按照教程进行操作时 devdactic.com/user-auth-angularjs-ionic/并对应用程序进行了以下更改以允许 CORS

ionic plugin add cordova-plugin-whitelist

以下是我的配置.xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<widget id="com.ionicframework.devdacticauth980013" version="0.0.1" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
  <name>devdactic-auth</name>
  <description>
        An Ionic Framework and Cordova project.
    </description>
  <author email="hi@ionicframework" href="http://ionicframework.com/">
      Ionic Framework Team
    </author>
  <allow-navigation href="*" />
  <allow-intent href="*" />
  <content src="index.html"/>
  <access origin="*"/>
  <preference name="webviewbounce" value="false"/>
  <preference name="UIWebViewBounce" value="false"/>
  <preference name="DisallowOverscroll" value="true"/>
  <preference name="android-minSdkVersion" value="16"/>
  <preference name="BackupWebStorage" value="none"/>
  <feature name="StatusBar">
    <param name="ios-package" value="CDVStatusBar" onload="true"/>
  </feature>
</widget>

以下是我的索引.html

<html>
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
    <meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
    <title></title>
    <link href="lib/ionic/css/ionic.css" rel="stylesheet">
    <link href="css/style.css" rel="stylesheet">
    <!-- IF using Sass (run gulp sass first), then uncomment below and remove the CSS includes above
    <link href="css/ionic.app.css" rel="stylesheet">
    -->
    <!-- ionic/angularjs js -->
    <script src="lib/ionic/js/ionic.bundle.js"></script>
    <!-- cordova script (this will be a 404 during development) -->
    <script src="cordova.js"></script>
    <!-- your app's js -->
    <script src="js/app.js"></script>
    <script src="js/controllers.js"></script>
    <script src="js/services.js"></script>
    <script src="js/constants.js"></script>
    <script src="lib/angular-mocks/angular-mocks.js"></script>
  </head>
  <body ng-app="starter" ng-controller="AppCtrl">
   <ion-nav-bar class="bar-balanced">
   </ion-nav-bar>
   <ion-nav-view></ion-nav-view>
  </body>
</html>