Monday, January 18, 2016

Enabling CORS : Solve Cross-Origin Request Blocked error

If you are trying to run two different servers on the same machine and trying to access each other through HTTP request, you might get a CORS error.

Something like this in Firefox:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://ab.com. This can be fixed by moving the resource to the same domain or enabling CORS.


and this error in Google Chrome:

XMLHttpRequest cannot load http://abc.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.


To solve this - first you need enable module "headers" on the server which is responding.

For Apache you run the following and restart the server:

sudo a2enmod headers

next add the following to your .htaccess file

<IfModule mod_rewrite.c>
  Header add Access-Control-Allow-Origin "*"
  Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
  Header add Access-Control-Allow-Headers: "Content-Type"

  ..........................................
  ..........................................
</IfModule>

1 comment:

Nagendra Reddy said...

Thank You for solving Cross-Origin Request Blocked error.
Regards,
Apache Tomcat Training in Hyderabad.