To be fully correct, I needed to add
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Authorization');
to the top of index.php, otherwise I couldn't send the Authorization token
with the request.
On Sat, Feb 26, 2011 at 1:55 PM, Wouter Charle <wouter.cha...@gmail.com>wrote:
> Hi, I was trying to do an RPC call to shindig from another domain and got
> the following error:
> Origin http://localhost is not allowed by Access-Control-Allow-Origin.
>
> I found out that this is due to Cross Origin Resource Sharing (see
> http://www.w3.org/TR/cors/) and that I had to configure Shindig to allow
> CORS. I did this by adding
>
> // Allow cross origin resource sharing. Replace * by http://localhost/
> // to only allow cross domain calls from localhost
> header('Access-Control-Allow-Origin: *');
>
> at the top of index.php
>
> This resolved the error, but I'm quite unsure if this is the best solution.
> Thanks for feedback!
>
