Thursday, 25 August 2016

ajax - Enabling CORS on the client side



I'm creating a web appliacation that will run on a server that I can not manage nor modify in any case.



Within that application, I need to exceute a AJAX call to a different server.
This will always be blocked by the 'Same Origin Policy'.




Where server01.test.net is the webserver and mail.test.net is the second server.



Is there a way to enable CORS by any means in the client side, as I'm not able to add the 'Access-Control-Allow-Origin "*"' on the server. Or any other workaournd?



Thanks


Answer



If the server you are calling does not support CORS, you will not be able to make the request to the third-party server using AJAX.



You will have to resort to setting up a pass-through AJAX route in your application. The client (browser) makes a request to your AJAX route which proxies the call to the third-party server and returns the result. Because the third-party request is happening on the server rather than the browser, Same Origin Policy doesn't apply.




This approach means there will be an additional request that wouldn't be necessary if you could use CORS, but there really isn't another option.


No comments:

Post a Comment

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...