Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Origin http://localhost is not allowed by Access-Control-Allow-Origin

Tags:

javascript

node.js

cors

backbone.js

I'm trying to do a fetch from backbone.js to my node.js server. However, I get the following error in the console:

Origin http://localhost is not allowed by Access-Control-Allow-Origin.

I added the following to my node.js server:

var allowCrossDomain = function(req, res, next) {
    res.header('Access-Control-Allow-Origin', "http://localhost");
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header('Access-Control-Allow-Headers', 'Content-Type');
};

app.configure(function() {
    app.use(allowCrossDomain);
});

But it's still returning the same error. However, even if this did work, it doesn't seem like the ideal solution, as I would like users from all over to be able to send requests.

like image 727
Willem Ellis Avatar asked Apr 16 '13 20:04

Willem Ellis

People also ask

How do I fix not allowed by Access-Control allow origin?

There Are Two Approaches to Getting It Right.Use a reverse proxy server or WSGI server(such as Nginx or Apache) to proxy requests to your resource and handle the OPTIONS method in the proxy. Add support for handling the OPTIONS method in the resource's code.

How do I enable CORS in localhost?

1. Use the proxy setting in Create React App. "proxy": "https://cat-fact.herokuapp.com/", Now when you make an API request to https://localhost:3000/api/facts Create React App will proxy the API request to https://cat-fact.herokuapp.com/facts and the CORS error will be resolved.

How do I give Access-Control allow origin?

Limiting the possible Access-Control-Allow-Origin values to a set of allowed origins requires code on the server side to check the value of the Origin request header, compare that to a list of allowed origins, and then if the Origin value is in the list, set the Access-Control-Allow-Origin value to the same value as ...

Is not allowed by Access-Control origin?

In that case you can change the security policy in your Google Chrome browser to allow Access-Control-Allow-Origin. This is very simple: Create a Chrome browser shortcut. Right click short cut icon -> Properties -> Shortcut -> Target.

1 Answers

If you want everyone to be able to access the Node app, then try using 

res.header('Access-Control-Allow-Origin', "*")

That will allow requests from any origin. The CORS enable site has a lot of information on the different Access-Control-Allow headers and how to use them.

I you are using Chrome, please look at this bug bug regarding localhost and Access-Control-Allow-Origin. There is another StackOverflow question here that details the issue.

like image 184
ryanday Avatar answered Oct 04 '22 17:10

ryanday
Sign in to Comment

Related questions

Is there a jQuery EventSource?
Getting started with backbonejs - what should a server return
JQuery: Convert GET URL to POST
Open popup at clicked position
How is $('h1') logging to the web console as an array in jQuery?
Regex for matching a previous group in the pattern?
Is the deferred/promise concept in JavaScript a new one or is it a traditional part of functional programming?
html() method wrong when input value has changed
monochrome dithering in JavaScript (Bayer, Atkinson, Floyd–Steinberg)
Resize a div to smaller than its declared size?
AngularJS binding between variables
Can I use WebRTC to open a UDP connection?
how to select :after element using jquery
Using string split instead of array declaration array with substrings
Stop memory leaks with recursive promises
Write data to USB HID using JavaScript, HTML5, or any cross platform language (supports Android)
Parsing .msg files in JavaScript
Get querystring array values in Javascript [duplicate]
Javascript: Global Element Focus Listener
Refresh a div with php data every 10 seconds using jQuery

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!