Menu
Here is my routes in (app/routes/customers.js):
export default Ember.Route.extend({
model: function() {
return $.getJSON("http://127.0.0.1:3000/odata/customers");
}
});
here is my router.js:
export default Router.map(function() {
this.route('customers', {path: '/'});
});
http://127.0.0.1:3000/odata/customers is my api, but ember-cli use http://localhost:4200/, when I open http://localhost:4200/,
in the console, the error message is:
XMLHttpRequest cannot load http://127.0.0.1:3000/odata/customers. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.
I find a article: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
so I know what's wrong, but I don't kown how to fix it when use ember.js.
sorry for my poor English, hope thats clear...
362
Since the header is currently set to allow access only from https://yoursite.com , the browser will block access to the resource and you will see an error in your console. Now, to fix this, change the headers to this: res. setHeader("Access-Control-Allow-Origin", "*");
Allow CORS: Access-Control-Allow-Origin lets you easily perform cross-domain Ajax requests in web applications. Simply activate the add-on and perform the request. CORS or Cross-Origin Resource Sharing is blocked in modern browsers by default (in JavaScript APIs).
This error occurs when a script on your website/web app attempts to make a request to a resource that isn't configured to accept requests coming from code that doesn't come from the same (sub)domain, thus violating the Same-Origin policy.
Access-Control-Allow-Origin: * is totally safe to add to any resource, unless that resource contains private data protected by something other than standard credentials. Standard credentials are cookies, HTTP basic auth, and TLS client certificates.
It's not Ember that is the problem. it's the server at port 3000. If your Ember app is running on a different port, it is basically cross domain and thus the server at port 3000 must be CORS enabled. Example of this is like this for node js and express: http://enable-cors.org/server_expressjs.html You need to figure out how to do this for your back end. But what it comes down to is just basically adding the right headers into the response stream.
Some other example:
http://enable-cors.org/server_iis7.html
http://enable-cors.org/server_php.html
Note that if you do want to prevent the Ember server from sending requests to other origins, you can use Content Security Policies.
122
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
