0

There is a web server on my LAN, at 10.xxx, on machine A.

I have an HTML page on machine B. This HTML page wants to make an AJAX request to the web server at 10.xxx. I made the page (with URL of file://abc.html) and tried it and got

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://XXXXXXXXXXX/ajax_info.txt. (Reason: CORS header 'Access-Control-Allow-Origin' missing)

My questions:

  1. Is there any way I can enable this in Mozilla?

  2. How can we make requests to Facebook, Twitter, and jQuery library servers via AJAX if cross-domain requests are prohibited?

  3. Can I add 'Access-Control-Allow-Origin' to vanilla AJAX requests?

This is probably a common question. I have seen lots of questions similar to this on Google, and SO as well.

SOLO
  • 868
  • 9
  • 19
John PHP
  • 15
  • 3

1 Answers1

0

You put 

header('Access-Control-Allow-Origin: *');

on machine A

If you want to be more secure you can add your domain in place of the * -

http://www.foo.com for example

header('Access-Control-Allow-Origin: http://www.foo.com');
g9m29
  • 373
  • 3
  • 16
  • where exactly on machine A ? basically we need to make sure that domain A always return this in its reponse ? – John PHP Aug 15 '16 at 14:44
  • It's a header, you put it a t the top of your page. Above everything else. – g9m29 Aug 15 '16 at 14:45
  • as per my next question, does facebook has set this so any domain in world can query its domain ? – John PHP Aug 15 '16 at 14:45
  • That's another separate question. Please mark the above one as correct and if you want more information ask another question or open chat with me. There is a big big difference between what you are doing and what fb is doing. Basically if you want to open your machine you should make authentications, REST API as a core, and such. Again it's whole other question so... – g9m29 Aug 15 '16 at 14:47
  • I agree what you are saying, I know what I am doing or what fb is doing is completely different, can you invite me on chat, i guess i cant do that – John PHP Aug 15 '16 at 14:52
  • Anyone coming here for answer , read this as well :) http://stackoverflow.com/questions/14159154/how-does-a-rest-api-work-with-javascript-when-there-is-a-same-domain-origin-poli – John PHP Aug 15 '16 at 14:55