CORS error on same domain?

by

It is only considered to be the same if the protocol, host and port is the same: Same Origin Policy

If you want to enable it you must follow Cross-Origin Resource Sharing (cors) by adding headers. Mozilla has examples

You need to add Access-Control-Allow-Origin as a header in your response. To allow everyone (you should probably NOT do that): 

Access-Control-Allow-Origin: *

If you need to support multiple origins (for example both example.com and www.example.com), set the Access-Control-Allow-Origin in your reply to the value of the Origin-header from the request (after you verified that the Origin is white-listed.)

Also note that some requests send a preflight-request, with an OPTION-method, so if you write your own code you must handle those requests too. See Mozilla for examples.

More Related Contents:

  1. Origin is not allowed by Access-Control-Allow-Origin
  2. Understanding AJAX CORS and security considerations
  3. Is CORS a secure way to do cross-domain AJAX requests?
  4. Javascript – No ‘Access-Control-Allow-Origin’ header is present on the requested resource
  5. Solve Cross Origin Resource Sharing with Flask
  6. How does Access-Control-Allow-Origin header work?
  7. jQuery AJAX cross domain
  8. Loading cross-domain endpoint with AJAX
  9. Can scrapy be used to scrape dynamic content from websites that are using AJAX?
  10. Response to preflight request doesn’t pass access control check
  11. jQuery XML error ‘ No ‘Access-Control-Allow-Origin’ header is present on the requested resource.’
  12. how to bypass Access-Control-Allow-Origin?
  13. Why am I seeing an “origin is not allowed by Access-Control-Allow-Origin” error here? [duplicate]
  14. No ‘Access-Control-Allow-Origin’ header is present on the requested resource error
  15. Cross-Origin Read Blocking (CORB)
  16. Why am I seeing an “origin is not allowed by Access-Control-Allow-Origin” error here? [duplicate]
  17. Why does the preflight OPTIONS request of an authenticated CORS request work in Chrome but not Firefox?
  18. How do I send an AJAX request on a different port with jQuery?
  19. AngularJS POST Fails: Response for preflight has invalid HTTP status code 404
  20. cross-origin ‘Authorization’-header with jquery.ajax()
  21. Canvas tainted by cross-origin data
  22. CORS cookie credentials from mobile WebView loaded locally with file://
  23. Javascript module not working in browser?
  24. How does the ‘Access-Control-Allow-Origin’ header work?
  25. Microsoft Edge blocked cross-domain requests sent to IPs in same private network CIDR
  26. XMLHttpRequest: Network Error 0x80070005, Access is denied on Microsoft Edge (but not IE)
  27. CORS error with jquery
  28. Get data from html and and pass the data back to the front end using ajax or js
  29. Python Flask Cors Issue
  30. Phonegap-Javascript sending cross-domain ajax request

Leave a Comment