On Feb 13, 2014, at 1:57 PM, Julien Eluard <[email protected]> wrote:
> make sure the web server you are interacting with sets the right CORS headers > in the response. > If you control it you can find more info here: > http://enable-cors.org/server.html > > Le 13 févr. 2014 à 18:40, Thomas <[email protected]> a écrit : >> >> I am trying to build a little cljs app and I want to call a REST API that >> potentially will run on a different machine (testing with localhost at the >> moment). >> I am using the cljs-http library which seems to be quite easy to use. But I >> get the following error when I do a GET call: >> XMLHttpRequest cannot load https://localhost:9443/path/. No >> 'Access-Control-Allow-Origin' header is present on the requested resource. >> Origin 'null' is therefore not allowed access. >> When I do the same call however from a normal browser window or with Poster >> I do get a good response. >> Any idea how I can avoid it? I did bit of Googling and the error is related >> to Cross Origin Resources, but couldn't find a solution :(( Any ideas how >> to avoid this? Julien is correct, the right way to solve this issue is to have the server you are attempting to access via XMLHttpRequest return CORS headers. Since I control the remote web server, I was able to add the CORS headers. I spent a day or two this week on exactly this issue, and there is plenty of information available out there about which headers are required and why. I recommend keeping a close eye on your browser console while you test this, it took me a couple of iterations to get it all correct. And some browsers/dev-tools provide very complete error messages when you get it wrong, but unfortunately I do not recall which browser/tool I ended up using at the moment. I am not certain, but I would guess that the reason you can access the remote server from another browser window is that when you do so, your browser is reporting its hostname as something other than localhost, and possibly the remote server doesn't accept CORS requests from localhost. Just yesterday I learned a trick that can help in situations like this, add an entry to your /etc/hosts file, something like this: 127.0.0.1 foo.example.com Then, instead of accessing https://localhost:9443/path, try http://foo.example.com:9443/path Your app should load from your local machine as usual, but when you execute XMLHttpRequest, it should report its hostname as specified above, which *might* solve your problem, but I am not certain. Another approach you can take is to configure your browser to disable its same-origin policy, this is OK in development, but you cannot expect your users to do this. If you choose this route, you may find these links helpful: How to: Disable Same-Origin Policy in Chrome | Joshua McGinnis Disable firefox same origin policy - Stack Overflow Good luck! Don -- Note that posts from new members are moderated - please be patient with your first post. --- You received this message because you are subscribed to the Google Groups "ClojureScript" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/clojurescript.
