Same origin policy and Access-Control-Allow-Origin

Question

So I have a web page that fetches content (two images) from two different servers. It simply does a HTTP GET nothing fancy.

I have some JavaScript in the page that calls document.getElementsByTagName('a') on the iframe. I get the following error --

"Blocked a frame with origin http://server1.example.com from accessing a frame with origin http://server2.example.com . Protocols, domains, and ports must match."

In my apache configuration file I added the following to the headers being sent out --

Header set Access-Control-Allow-Origin "*"

After this I see in the browser debugger that the header is in fact set.

But I still see the same error. Isn't this the expected workaround or solution to this? What am I missing? Do I not understand the same origin policy properly?

EDIT: This is ridiculous. People like myself ask on SO to get some knowledge. If I understood CORS or same origin policy I would have slved it myself. I have no idea why this is a duplicate of the other one. It did not seem like it is. Sometimes people with knowledge on SO enjoy talking down to less knowledgeable people. If you had let this remain open for a little while longer may be a kinder individual would have answered the question. But now it does not happen.

Assuming I know nothing about html can you tell me what accessing an iframe is? — user220201, Sep 25 '14 at 03:45
You are trying to interact with another domain through the iframe. You are not able to do that. You can read the content through Ajax calls. You will need to use postMessage. — epascarello, Sep 25 '14 at 12:22
But I was only parsing the links on the page not the actual content itself. — user220201, Sep 25 '14 at 17:12
If you are trying to read the data, then make an Ajax call to get the HTML and work with it that way. — epascarello, Sep 25 '14 at 18:27

Same origin policy and Access-Control-Allow-Origin

0 Answers0