а

Error: Origin is not allowed by Access-Control-Allow-Origin


#1

Hello,
i’m trying to retrive a xml from an url, to do that i wrote the following lines

dhx.ajax("http://192.168.2.80:8089/EdicomStuffServer/services/OutsmonRest/getDomains/username/prueba/password/prueba/", function(text){
	var txt=text;
	alert(text);
});

inspecting the document with firebug the txt variable is an empty string and I also get the error:

XMLHttpRequest cannot load http://192.168.2.80:8089/EdicomStuffServer/services/OutsmonRest/getDomains/username/prueba/password/prueba/. Origin http://127.0.0.1:8020 is not allowed by Access-Control-Allow-Origin

I also tried with others urls and I get the same error.
(I’m using aptana as IDE and I tried both the embedded web server and apache web server to run the mobile application).
Do you know how I can resolve this problem?

thanks
Danilo


#2

Is the main html page also loaded from the same url - 192.168.2.80:8089 ?
Otherwise browser will block data loading because of cross domain security
( you can configure headers in server’s response to allow cross domain request for FF and WebKit browsers )


#3

Thanks Stanislav for your response,
the html is loaded from 127.0.0.1, that is why I’m getting thi error. I serched on google and I saw that making a request with “Access-Control-Allow-Origin 127.0.0.1” I can bypass the problem, so my question is how can I make a request with that parameter Access-Control-Allow-Origin 127.0.0.1 with dhtmlx framework?

The current header that is generating is the following:

Request URL:http://192.168.2.80:8089/EdicomStuffServer/services/OutsmonRest/getDomains/username/prueba/password/prueba/
Request Headersview parsed
GET http://192.168.2.80:8089/EdicomStuffServer/services/OutsmonRest/getDomains/username/prueba/password/prueba/ HTTP/1.1

Origin: http://127.0.0.1:8020

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2

Referer: http://127.0.0.1:8020/mobile-mon/index.html

As you commented in your answer do you think if I make the same above request and the server put in the response headers the parameter:
Access-Control-Allow-Origin 127.0.0.1
it is going to work?

Thanks again for your advices
Greetings
Danilo


#4

That must be the header in the response, not in the ajax call.
In case of apache - you can add instructions to output such header through .htaccess file

enable-cors.org/


#5

Hello,

I know it’s an old ticket, but I leave this comment in case someone has the same error that I had.

After a study of the request sent by Gantt with the .load(url) method, I noticed that it sends a specific header x-requested-with, so to solve this problem I added it at the level of my filter.

For info I use a backend in Java: