Sunday, 29 October 2017

javascript - Origin is not allowed by Access-Control-Allow-Origin

itemprop="text">


I'm making an
Ajax.request to a remote PHP server in a href="https://en.wikipedia.org/wiki/Sencha_Touch" rel="noreferrer">Sencha
Touch 2 application (wrapped in href="http://en.wikipedia.org/wiki/PhoneGap"
rel="noreferrer">PhoneGap).



The
response from the server is the
following:





XMLHttpRequest cannot load href="http://nqatalog.negroesquisso.pt/login.php"
rel="noreferrer">http://nqatalog.negroesquisso.pt/login.php. Origin
http://localhost:8888 is not allowed by
Access-Control-Allow-Origin.




How
can I fix this problem?



class="post-text" itemprop="text">
class="normal">Answer



I wrote an
article on this issue a while back, href="http://www.cypressnorth.com/blog/programming/cross-domain-ajax-request-with-json-response-for-iefirefoxchrome-safari-jquery/"
rel="noreferrer">Cross Domain
AJAX.



The easiest way to handle this
if you have control of the responding server is to add a response header
for:



Access-Control-Allow-Origin:
            *


This will allow
cross-domain rel="noreferrer">Ajax. In PHP, you'll want to modify the response like
so:




            header('Access-Control-Allow-Origin: *');
            ?>


You can just put
the Header set Access-Control-Allow-Origin * setting in the
rel="noreferrer">Apache configuration or htaccess
file.



It should be noted that this effectively
disables CORS protection, which very likely exposes your users to
attack. If you don't know that you specifically need to use a wildcard,
you should not use it, and instead you should whitelist your specific
domain:



            header('Access-Control-Allow-Origin: http://example.com')
            ?>

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

php - file_get_contents shows unexpected output while reading a file

I want to output an inline jpg image as a base64 encoded string, however when I do this : $contents = file_get_contents($filename); print ...