Cross Domain Ajax Call in Atom Shell

Question

We are working with Atom Shell (Currently known as electron) to wrap a web application as desktop app and having trouble making cross domain ajax calls due to CORS restriction.

We also tried nw.js (Formerly known as Node-Webkit) and we had no problem making cross domain ajax call with it. Does Atom Shell (Electron) restrict cross domain calls by default?

Answer 1

If the webpage is loaded in "file://" mode and not served by an http server, you can make ajax calls by default.

If you still have troubles with CORS restrictions, you can set this option to the browser-window object :

var BrowserWindow = require('browser-window');
var win = new BrowserWindow({
  webPreferences: { webSecurity: false }
});

Answer 2

There are two problems here

CORS restrictions, which prevent the client from initiating a request, and the Access-Control-Allow-Origin header which is set by the server.

The first problem is solved as mentioned by setting the web-security options on the Browser-window object.

"webPreferences" : {
    "webSecurity" : false
},

The second issue whereby Electron actually sends 'file://' as the value of the Origin in the request does not have a solution as far as I can tell. Your options are to allow 'file://' or '*' in the Access-Control-Allow-Origin header (server side).

I have actually requested that setting the origin on requests be allowed but I suspect it will not get much traction.

Answer 3

Solutions' updated syntax:

var BrowserWindow = require('browser-window');
var win = new BrowserWindow({
    webPreferences: {webSecurity: false}
});