Openfire and strophe.js: not allowed by Access-Control-Allow-Origin

Question

Im trying to create a webchat using Jabber. I have installed Openfire and i can login to the admin panel at :9090 so the server is running.

Now when using strophe.js basic example, coming with strophe.js i get this error:

5XMLHttpRequest cannot load http://jabber.xxx.dk:7070/http-bind/. Origin http://jabber.xxx.dk is not allowed by Access-Control-Allow-Origin.

How can i allow the domain?

For anyone new to this here is a getting-starting tutorial to set this all up, https://expertnotfound.wordpress.com/2013/04/08/setting-up-openfire-bosh-strophe/. — Kyle Bridenstine, Mar 22 '16 at 15:16

score 6 · Answer 1 · edited Mar 19 '14 at 13:18

6

If it doesn't work even after enabling CORS in Openfire and changing the domain policy to accept all, then check your URL for Openfire. You may need to add '/' at the end (e.g. 'http://dimain:7070/http-bind/').

Without the slash it didn't work for me.

edited Mar 19 '14 at 13:18

Jeff B

8,572
17
61
140

answered Mar 19 '14 at 12:54

kris

73
1
2

Joe Hildebrand · Accepted Answer · 2013-04-15T17:02:30.707

6

Thanks to @SamGoody for pointing this out. As of version 3.8.0, OpenFire now supports1 CORS[2], which is needed for your use case. To enable it, go to the OpenFire admin console, Server, Server Settings, HTTP Binding tab. Ensure that "Provides support for CORS (Cross-Origin Resource Sharing)" is Enabled, with a domain list of * (these are the defaults).

OpenFire admin screen

edited Apr 15 '13 at 17:02

answered Mar 28 '11 at 03:05

Joe Hildebrand

10,354
2
38
48

OpenFire 3.8.2 is now out, and it has support for CORS. – SamGoody Apr 15 '13 at 08:31
Thanks @SamGoody. Rewrote my answer based on your comment. – Joe Hildebrand Apr 15 '13 at 17:03

score 2 · Answer 3 · answered Apr 11 '11 at 07:10

Another option is to setup your apache server to proxy port 7070 so you're not dealing with cross-domain issues per se. The code for that looks something like this inside of your httpd.conf file:

ProxyRequests Off
ProxyPass /http-bind http://127.0.0.1:7070/http-bind/
ProxyPassReverse /http-bind http://127.0.0.1:7070/http-bind/

score 0 · Answer 4 · answered Mar 25 '11 at 03:20

0

If you log in to the admin panel, go to the Server Settings tab, then to HTTP Bindings, check both options (HTTP Binding and Script Syntax) are set to Enabled

answered Mar 25 '11 at 03:20

Marc

546
5
10

They are both enabled, and port is set to 7070. This is the cross-domain policy: – Danielss89 Mar 26 '11 at 09:09
is /http-bind/ the default folder? should i do something to create this folder? – Danielss89 Mar 26 '11 at 09:10
I'm afraid I haven't got experience with HTTP binding, only Openfire itself. Now that it's not a simple configuration issue, it's out of my depth but hopefully someone else can provide an answer. – Marc Mar 26 '11 at 15:23

score -2 · Answer 5 · answered Nov 22 '17 at 14:02

-2

I had faced same issue and come to know that port was not open for access. Though it browser says it is CORS Access-Control-Allow-Origin issue. This is sometimes open port issue. Please make sure http bind port is open and can be accessible over tcp on system your are testing.

answered Nov 22 '17 at 14:02

Sushilkumar

831
7
3

1

This should be a comment. – sjaustirni Nov 22 '17 at 14:21

Openfire and strophe.js: not allowed by Access-Control-Allow-Origin

5 Answers5