No 'Access-Control-Allow-Origin' header is present on the requested resource

Jun Huang
Added over 3 years ago

I am attempting to make the following API call using ajax from a webpage in my local server localhost:3000.


Unfortunately I receive the following error in the browser

XMLHttpRequest cannot load http://localhost:8080/rest/adhoc/ No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 404.

If I put http://localhost:8080/rest/adhoc/ directly in a browser, I get the result I am expecting. I am able to use curl to access the same information. From the same webpage, i can successfully bind to the server on port 5280. So I am pretty sure access control / cross domain is set up properly.

Navigating to etc/bosh-extra-headers.txt I have

Access-Control-Allow-Origin: *

Access-Control-Allow-Methods: GET, POST, OPTIONS

Access-Control-Allow-Headers: Content-Type

Access-Control-Max-Age: 86400

etc/cross-domain-policy.xml has

<!DOCTYPE cross-domain-policy SYSTEM "">

Is there something else I need to setup for my javascript ajax call to successfully access the rest api?



Replies (4)

Added by Andrzej Wójcik IoT 1 CloudTigaseTeam over 3 years ago

Headers in file etc/bosh-extra-headers.txt are only for BOSH connections and not for HTTP REST API. Currently there is no way to configure cross domain access to HTTP REST API as there is no such feature implemented for HTTP REST API

Added by Jun Huang over 3 years ago

That's good to know. I'll call the rest api using a different method.


Added by peirong jiang about 3 years ago

how do you resolve this problem? any help will be ...

Added by Andrzej Wójcik IoT 1 CloudTigaseTeam about 3 years ago

CORS is not implemented for REST API so it will not work and for now it is not possible to access REST API from JS from other site.