Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

CORS error on same domain?

Tags:

python

javascript

ajax

cors

cross-domain

I'm running into a weird CORS issue right now.

Here's the error message:

XMLHttpRequest cannot load http://localhost:8666/routeREST/select?q=[...]  Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin

Two servers:

  • localhost:8666/routeREST/ : this is a simple Python Bottle server.
  • localhost:8080/ : Python simpleHTTPserver where I run y Javascript application. This app is executing Ajax requests on the server above.

Any thought on what could be the problem?

EDIT:

And... the port was the problem. Thanks for your answers :)

If anyone is using a Python bottle server as well, you can follow the answer given on this post to solve the CORS issue: Bottle Py: Enabling CORS for jQuery AJAX requests

like image 360
Mr_Pouet Avatar asked Nov 13 '13 23:11

Mr_Pouet

People also ask

Why do I get CORS error from same domain?

Or, your API fails and shows a CORS error in the console. This happens because the same-origin policy is part of the browser's security model which allows websites to request data from APIs of the same URL but blocks those of different URLs. Browsers do this by adding an ORIGIN key in the request.

How do I get rid of CORS error?

Short description. Cross-Origin Resource Sharing (CORS) errors occur when a server doesn't return the HTTP headers required by the CORS standard. To resolve a CORS error from an API Gateway REST API or HTTP API, you must reconfigure the API to meet the CORS standard.

What is CORS and how do you fix it?

Cross-Origin Resource Sharing (CORS) is a mechanism or a protocol that allows devices on one domain to access resources residing on other domains. Generally, for security reasons, browsers forbid requests that come in from cross-domain sources.

Does CORS apply to different ports?

Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, or port) other than its own from which a browser should permit loading resources.

2 Answers

It is only considered to be the same if the protocol, host and port is the same: Same Origin Policy

If you want to enable it you must follow Cross-Origin Resource Sharing (cors) by adding headers. Mozilla has examples

You need to add Access-Control-Allow-Origin as a header in your response. To allow everyone (you should probably NOT do that): 

Access-Control-Allow-Origin: *

If you need to support multiple origins (for example both example.com and www.example.com), set the Access-Control-Allow-Origin in your reply to the value of the Origin-header from the request (after you verified that the Origin is white-listed.)

Also note that some requests send a preflight-request, with an OPTION-method, so if you write your own code you must handle those requests too. See Mozilla for examples.

like image 114
some Avatar answered Sep 28 '22 09:09

some

The port numbers are different.

A request is considered cross-domain if any of the scheme, hostname, or port do not match.

like image 44
jcarpenter2 Avatar answered Sep 28 '22 10:09

jcarpenter2
Sign in to Comment

Related questions

Create table with jQuery - append
Start HTML5 video at a particular position when loading?
Singleton pattern in nodejs - is it needed?
How to trigger ngClick programmatically
Why does Firebug say toFixed() is not a function?
Development server of create-react-app does not auto refresh
How to make tinymce paste in plain text by default
Image loaded event in for ng-src in AngularJS
less than 10 add 0 to number [duplicate]
How to write a ternary operator (aka if) expression without repeating yourself
execCommand() is now obsolete, what's the alternative?
console.log() async or sync?
How does the Meteor JavaScript framework work? [closed]
How to move an iFrame in the DOM without losing its state?
Why can I add named properties to an array as if it were an object?
When should I use jQuery's document.ready function?
Openstreetmap: embedding map in webpage (like Google Maps)
ES6 template literals vs. concatenated strings
How to create websockets server in PHP
File Upload without Form

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!