4

I have an API server running on port AAAA and the JS frontend app (emberjs, using yeoman) running on port BBBB on the development machine. On the live server these ports will be the same. Unfortunately on the development machine I run into cross origin policy problems.

What can I do about this?

PS: Currently I solved this by starting Chrome using

open -a Google\ Chrome --args --disable-web-security

and using an absolute root path http://localhost:8888/ in the JS api. But I'm not really a fan of hardcoded urls and special flags. If there is a better solution for either, please let me know!

  • 1
    Assuming you can't change the development environment, you could test with a browser that lets you relax (or remove) cross domain policies. (Chrome allows this via command line switches.) But I think it would be better to try to have the dev environment reflect the production environment. – nnnnnn Jan 20 '13 at 06:48
  • Yes, I did it that way using chrome - but the approach is fragile since I have to use a hardcoded url for the port. –  Jan 20 '13 at 06:53
  • It would be nice if you could forward any request that causes a 404 to another port. That way you can use relative urls assuming requests made to the api would not be there. – HMR Jan 20 '13 at 09:19
  • CORS is very useful for these types of situations, provided you have configuration-access to the server: http://enable-cors.org/ – robertklep Jan 20 '13 at 10:07

1 Answers1

0

Besides using chrome with --disable-web-security, I used this snippet to avoid hardcoding the API origin

var origin = location.origin.replace(/localhost:(\d+)/, 'localhost:8888');

and only change it for local development.