heroku node js simple cross-domain issue

Question

I worked with two nodejs (no Express) application :

webprocess dataprocess

dataprocess sends back a rest message with this code :

var status = 200;
if (responseStatus) {
    status = responseStatus;
}
var contentType = "application/json; charset=utf-8";
if (responsecontentType) {
    contentType = responsecontentType;
}
this.response.statusCode = status;
//http://www.w3.org/TR/cors/
//The server allows any domain to call it with the XMLHttpRequest
this.response.setHeader("Access-Control-Allow-Origin", this.request.headers.origin);
//The server allow the content-type header
this.response.setHeader("Access-Control-Allow-Headers", "Content-Type");

this.response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
this.response.setHeader("Content-Type", contentType);
this.response.end(contentText);

In local, everything is ok, the "Access-Control-Allow-Origin" works fine. But, when I create two apps on heroku and deploy, I get the browser cross-domain exception on the pre-flight ajax call (OPTIONS). Not sure what's wrong?

Thanks for your help

Yoann

score 2 · Accepted Answer · answered May 14 '13 at 04:40

If you want to allow any domain to call your endpoint as per the comment in your code, you would use a wildcard instead of this.request.headers.origin

//The server allows any domain to call it with the XMLHttpRequest
this.response.setHeader("Access-Control-Allow-Origin", "*");

heroku node js simple cross-domain issue

1 Answers1